7. td i n6 i d Au
Quan tri va bao mat mang la mot ITnh virc v6 ciing rpng Idn. Do do, trong
khuon kho quyen sach, tac gia chi di sau nghien cuu ky mot khia canh ciia quart
trj mang khong day va bao mat mang, do la cdc thuat todn mat ma - vi day chinh
la nen tang cot loi nhit.
Trong quyen sach nay trinh bay cac ky thuat mat ma dupe ph6 bien rpng rai
nhu DES, RSA, ECC... Ben canh viec nghien curu nguyen ly boat dong, tac gia
se phan tich cac diem manh va diem yeu ciia cac thuat toan citng phuemg phap
tan cong chiing. Song song do, tac gia con bo sung mot so thuat toan khac dS
hieu them ve cac each thitc ma hoa du lieu.
Ngoai cac thuat toan mat ma, quyen sach cung gioi thieu mot s6 he thong
truySn thong khong day, dac biet la he th6ng thong tin di dong toan eSu (GSM).
Tac gia se phan tich sir phu hop cua timg thuat toan cho cac he thdng nay r6i tir
do chpn ra mot thuat toan t6t nhat, ap dung cho he thong GSM...
Npi dung quyen sach gom 17 chuorng, cu thS nhu sau:
Chuang I: Giai thieu mat ma
Chuamg 2: Mot so thuat todn mat ma
Chuamg 3: Tong quan ve he thong GSM
Chuang 4: Cdc thudt todn mat ma hien diing trong GSM
Chuang 5: Tan cong cdc thudt todn mat ma
Chuang 6: Ap dung cdc thudt todn mat ma vdo h4 thSng GSM
Chuang 7: Mqng khong day
Chuang 8: Cdc thiet hi hg tang mgng khong day
Chuorng 9: Bdo mat mgng khSng day
Chuang 10: Tim hieu IDS trong LAN vd IDS trong mgng khSng ddy
Chuang 11; Cdu hinh trong mgng khong ddy
Chuang 12: Thiet ke he thong phdt hien xdm nhgp WIDSPro
8. Chicang 13: Tim hieu ve VPN
Chucmg 14: Giao thuc bao mat SSL
Chircmg 15: Tim hieu ve OpenVPN
Chuang 16: Triin khai mgng VPNsti dung he thing OpenVPN
Chuang 11: Xdy dung cong cu trien khai OpenVPN
Quan trj va bao mat mang khong day la mon hoc quan trong tai Hoc vien
Cong nghe Biru chinh Vien thong noi rieng va cac tniomg dai hoc c6 chuyen
nganh Dien tu Vien thong va Cong nghe Thong tin noi chung. Ngoai ra, quyen
sach con la tai li?u tham khao thiSt y6u dfi phuc vu cho cac ky su vi^ nghien cuu sinh
trong cong tac chuyen mon.
Trong qua trinh bien soan, mjc du tac gia da c6 nhiSu c6 gSng song kho
tranh khoi nhiing thifiu sot, r4t mong nhan duqc sq cam thong va y kien dong gop
cua quy vj doc gia dS ISn xuSt ban sau sS bo sung hoan chinh hom.
Moi y kifin dong gop xin giti qua e-mail: conghung@ptithcm.edu.vn.
Xin tran trong gioi thi$u cvmg b^in dpc.
TP.HCM, thdng 4 ndm 2013
PGS.TS. Tran Cong Hung
9. MUC LUC
Loi not ddu.................................................................................................................. 5
Muc luc........................................................................................................................7
Chu-ffng 1: Gldl THIEU MAT M A......................................................................15
1.1. Giai thieu tong quan ve mat ma..................................................................15
1.2. Ma hoa so lieu (Data Encoding).................................................................16
1.2.1. Ma NRZ (Non Return to Zero)............................................................. 17
1.2.2. Ma nhi pha............................................................................................. 17
1.2.3. Ma Miller............................................................................................... 18
1.2.4. Ma nhj phan da miic............................................................................20
1.2.5. Ma HDBn (High Density Bipolar n ).................................................. 20
1.3. Phat hien va sua sai...................................................................................... 21
1.3.1. LRC........................................................................................................22
1.3.2. CRC.......................................................................................................22
1.3.3. Ma sura sai Hamming............................................................................25
I 3 4 M3 Nen Huffman................................................................... 26
Chu-cng 2: MQT SO THUAT TOAN MAT MA.................................................. 29
2.1. Khai niem chung.......................................................................................... 29
2.2. Su tucmg quan giira 6 khoa va chia khoa................................................... 31
2.3. Phan loai cac thuat toan mat ma..................................................................32
2.4. Cac each ma hoa co ban.............................................................................. 32
2.4.1. Nguyen ly Kerckhoff............................................................................ 32
2.4.2. Mat ma hoan vi..................................................................................... 33
2.4.3. Mat ma thay the.................................................................................... 33
2.4.4. Mat ma hon hop.................................................................................... 34
2.5. H? thong mat ma DES................................................................................ 35
2.5.1. Cau true he thong DES........................................................................35
2.5.2. Phan tich va thiet ke S-box...................................................................42
2.5.3. Khao sat su phu thuoc ciia du lieu...................................................... 46
2.5.4. Cac he thong DES trong thirc te ......................................................... 53
10. Quan trj va bdlo m$t mgng kh6ng day
2.6. He thong RSA............................................................................................. 58
2.6.1. C4u true he thong RSA....................................................................... 58
2.6.2. Phan tich dSc diem cua h$ thong RSA.............................................. 59
2.7. He thdng mat ma Merkle Heilman Knapsack........................................... 61
2.8. He th6ng mat ma dang Ellip (ECC)...........................................................66
2.8.1. Nguyen ly boat dong cua thuat toan...................................................66
2.8.2. Kha nang bao mat cua thuat toan........................................................70
2.9. MD4, MD5....................................................................................................70
2.10. Thuat toan SHA.........................................................................................73
2.10.1. Giai thieu tong quan..........................................................................73
2.10.2. Mot so dac diem cua cac thuat toan SHA.........................................74
2.10.3. Cac phep toan duqc diing trong thuat toan SHA............................. 74
2.10.4. Cac ham va hang s6 duqc sir dung trong thuat toan SHA...............75
2.10.5. Qua trinh tien xit ly............................................................................77
2.10.6. Thuat toan bam ...................................................................................80
2.11. Cac thuat toan dimg de xac thirc............................................................115
2.11.1. He thong Elgamal.............................................................................116
2.11.2. Dang thuc khac cua he thong Elgamal...........................................118
2.11.3. H? thong Ong-Schnorr-Shamir (OSS)............................................119
2.11.4 Dang thirc khac cua he thong OSS.................................................120
2.12. Quan ly khoa.............................................................................................122
2.12.1. Giai thieu v6 ciu true he thong quan ly khoa................................ 122
2.12.2. Quy trinh tao khoa............................................................................123
2.12.3. Quy trinh phan phoi khoa.................................................................124
ChiroTig 3: TONG QUAN VE HE THONG GSM.............................................129
3.1. Cau true tong quit cua he thong GSM.....................................................129
3.1.1. Tram di dong (MS).............................................................................129
3.1.2. He thong tram goc (BS).................................................................... 130
3.1.3. He thong chuyen mach mang (NSS)................................................ 131
3.1.4. He thong khai thac bao duong (OSS)...............................................131
3.2. Mo hinh OSI cua he thong GSM............................................................. 132
ChiroTig 4: CAC THUAT TOAN MAT MA HIEN DUNG TRONG GSM....133
4.1. Cac dac diem bao mat ciia he thong GSM............................................133
4.1.1. Trung tarn xac thuc (AuC)............................................................. 134
11. Mgc Igc
4.1.2. Bo ghi djnh vi thuomg tni (HLR)......................................................134
4.1.3. Bo ghi dinh vj tam tru (VLR)...........................................................135
4.1.4. Bp xac thirc thue bao (SIM)..............................................................135
4.1.5. IM Sl& TM SI..................................................................................... 136
4.1.6. Tieu chuan ma hoa trong GSM..........................................................136
4.2. Cac thuat loan tin cong trong GSM.......................................................137
Chirffng 5: t An CONG CAc THUAT TOAn MAT MA...............................138
5.1. Cac khai niem co ban................................................................................138
5.2. Cac phuong phap tin cong DBS..............................................................139
5.2.1. Sir can bing giila bp nho va thoi gian giai m a................................ 139
5.2.2. Phuong phap tan cong DES.............................................................. 141
5.3. Tan cong he thing RSA............................................................................148
5.3.1. Phucmg phap phan tich khoa bi mat.................................................148
5.3.2. Phuorng phap giai ma timg phin.......................................................151
Chu-oTig 6: Ap d u n g CAC THUAT TOAn MAT MA VAo HE THONG
GSM......................................................................................................
6.1. Mot so dac diem cua he thing GSM........................................................153
6.2. So sanh hieu suat cua cac thuat toan mat ma.......................................... 153
6.2.1. Thai gian tinh toan.............................................................................. I54
6.2.2. Rich thuac khoa.................................................................................. I55
6.2.3. Bang thong...........................................................................................I55
6.3. Ap dung thuat toan ECC vao GSM........................................................... 156
Chirong 7: MANG KHONG DAY..................................................................... 158
7.1. Giai thieu ve Wireless LAN (WLAN).....................................................158
7.1.1. Wireless LAN la gi?........................................................................... 158
"^.1.2. Ljeh sir ra dai.......................................................................................158
7.2. Cac mo hinh WLAN.................................................................................. I59
7.2.1. Mo hinh mang Ad hoc (Independent Basic Service Set - IBSS)....159
7.2.2. Mo hinh mang co so (Basic Service Set - BSS)................................160
7.2.3. Mo hinh mang mo rpng (Extended Service Set - ESS)....................160
7.2.4. Uu diem eiia WLAN........................................................................... 161
7.2.5. Nhupc diem cua WLAN.....................................................................162
7.3. Cac tieu ehuan mang khong day (Wireless LAN)....................................162
12. 10 Qu^n trj va b^o mgt mgng kh6ng dSy
ChiroTig 8: CAC THIET BI HA TANG MANG KHONG d AY.......................164
8.1. Cac thiSt bi ha tang mang khong day........................................................ 164
8.1.1. Diem truy cap AP (access point)....................................................... 164
8.1.2. Cac che dp boat dong cua AP.............................................................165
8.1.3. Cac thiet bi may khach trong WLAN................................................166
Chirffng 9: b AO MAT MANG KHONG d Ay ..................................................169
9.1. Tai sao phai bao mat mang khong day?...................................................169
9.2. Bao mat mang khong day..........................................................................170
9.3. Ma hoa.........................................................................................................172
9.3.1. Vector khai tao IV .............................................................................175
9.3.2. Che dp phan hoi (Feedback Mode)...................................................175
9.3.3. Thuat toan WEP (Wired Equivalent Privacy).................................175
9.4. Cac giai phap bao mat noi bat...................................................................179
9.4.1. WLAN VPN.......................................................................................179
9.4.2. TKIP (Temporal Key Integrity Protocol).........................................180
9.4.3. AES (Advanced Encryption Standard).............................................180
9.4.4. 802.1X va EAP....................................................................................181
9.4.5. WPA (Wi-Fi Protected Access)........................................................ 183
9.4.6. WPA 2 ................................................................................................ 183
9.4.7. Lpc (Filtering).....................................................................................184
9.5. Cac kieu tan cong trong mang WLAN.....................................................186
9.5.1. Rogue Access Point...........................................................................186
9.5.2. Tan cong yeu cau xac thirc lai (De-authentication Flood Attack)... 188
9.5.3. Fake Access Point.............................................................................. 189
9.5.4. Tan cong dua tren sir cam nhan song mang lop vat ly....................189
9.5.5. Tan cong ng5t ket noi (Disassociation Flood Attack).....................190
Chu-OTig 10: TIM HIEU VE IDS TRONG LAN v A IDS TRONG MANG
KHONG d Ay .................................................................................191
10.1. IDS (Intrusion Detection Systems) trong LAN....................................191
10.1.1. Khai niem ve ID S............................................................................191
10.1.2. Phanloai IDS...................................................................................191
10.1.3. Cac ky thuat xu ly du lipu dupe sir dung trong cac he thong
phat hipn xam nhap..........................................................................194
10.2. Wireless ID S........................................................................................... 196
10.2.1. Wireless IDS la gi?.......................................................................196
13. Myclyc 11
10.2.2. Nhiem vu cua WIDS.........................................................................196
10.2.3. Mo hinh boat dong............................................................................ 197
10.2.4. Giam sat luu lugng mang.................................................................198
10.3. Mot so san pham WIDS........................................................................... 199
10.3.1. AirDefense........................................................................................ 199
10.3.2. AirMagnet......................................................................................... 199
10.4. Cau hinh cho AP tham gia vao IDS........................................................200
10.4.1. Cau hinh cho AP a che do scanner mode.......................................200
Chiro-ng 11: CAu HINH MANG KHONG DAY.............................................. 204
11.1. Ket noi mang khong day theo mo hinh Ad hoc......................................204
11.1.1. Yeu cau...............................................................................................204
11.1.2. Thuc hien............................................................................................204
11.2. Thiet lap BSS voi access point va 2 PC bao mat ca ban cho BSS...... 214
11.2.1. Yeu cau............................................................................................... 214
11.2.2. Thirc hien............................................................................................214
11.3. Liru trir nang c4p Image (lOS) cho thifit bi..............................................227
11.3.1. Muc dich.............................................................................................227
11.3.2. Yeu cau............................................................................................... 227
11.3.3. Thuc hien............................................................................................227
11.4. Cau hinh Access Point ki6m tra nhicu d6ng kcnh va iihicu cSn keiih .. 232
11.4.1. Yeu cau...............................................................................................232
11.4.2. Thirc hien............................................................................................232
11.5. Ciu hinh WPA Pre-Shared key (Wi-Fi Protected Access) cho AP..... 235
11.5.1. Yeu cau............................................................................................... 235
11.5.2. Thuc hien............................................................................................235
11.6. Ciu hinh VLAN tren API 130AG cua Cisco - Routing InterVLAN
trong mang wireless..................................................................................242
11.7. Su dung NetStumbler giam sat mang, kiSm tra thong lugmg mang
bang QCheck, sir dung tinh nSng MAC filtering....................................252
11.7.1. Sir dung NetStumbler........................................................................252
11.7.2. Loc dja chi MAC................................................................................253
11.7.3. Diing QCheck kiem tra thong luong.................................................257
ChiroTig 12: THIET KE HE THONG PHAT HIEN XAM NHAP WIDSPRO.. 261
12.1. Gioi thieu chuong trinh............................................................................. 261
12.2. Thrc hien cac chinh sach cho WIDS......................................................262
14. 12 Qu^n trj va b^o mgt mgng kh6ng day
12.3. Cac thanh phan cua Snort.......................................................................262
12.4. Cau true ciia mpt rule trong Snort wireless...........................................263
12.5. Download cac g6i phan mem................................................................ 264
12.6. Qua trinh cm dat va cau hinh.................................................................264
12.6.1. Cai dat thu vien libpeap...................................................................264
12.6.2. Cai dat pere...................................................................................... 265
12.6.3. Cai dat mysql................................................................................... 265
12.6.4. Cai dat snort-wireless......................................................................265
12.6.5. Cau hinh snort.conf..........................................................................266
12.6.6. Thiet lap rule cho snort....................................................................270
12.6.7. Chuan hi mysql cho snort................................................................272
12.6.8. Kiem tra ca so du lieu snort trong mysql.......................................273
12.6.9. Chay snort va kiem tra.....................................................................274
12.6.10. Cai dat apache server.....................................................................277
12.6.11. Cai dat PHP.................................................................................... 277
12.6.12. Cai dat acid.................................................................................... 277
12.6.13. Cai datjpgraph...............................................................................278
12.6.14. Cai dat adodb.................................................................................278
12.6.15. Cai dat card mang wireless tren Linux.........................................278
12.7. Chuong trinh........................................................................................... 281
12.8. Tim hieu ve thiet bi AirPeap...................................................................282
12.8.1. Gioi thieu......................................................................................... 282
12.8.2. Dac diem ciia AirPeap.....................................................................283
12.8.3. Cac dong san pham..........................................................................284
ChiTOTig 13: TiM HIEU VE VPN........................................................................285
13.1. Khai ni?m VPN....................................................................................... 286
13.2. Cac thanh phan can thiet de tao ket noi VPN.......................................286
13.3. Cacloai VPN...........................................................................................287
13.3.1. Client-to-Site.................................................................................... 287
13.3.2. Site-to-Site....................................................................................... 288
13.4. Cac giao thuc dimg cho VPN..................................................................288
13.4.1. Mot chuan duqc khuyen nghi dimg cho duong ham......................288
13.4.2. Cac giao thuc duqc thirc hiqn tren OSI lop 2 .................................289
13.4.3. Cac giao thirc duqc thuc hien tren OSI lop 3 .................................290
15. Myc lyc 13
13.4.4. Cac giao thiic duac thirc hi?n tren OSI lop 4 .............................292
13.5. Bao mat trong VPN..................................................................................292
13.6. Ket luan.................................................................................................... 293
Chu-oTig 14: GIAO THlTC BAO MAT SSL........................................................294
14.1. Ca che boat dong ciia SSL..................................................................... 294
14.2. Cac giao thiic bao mat SSL.................................................................... 296
14.2.1. Giao thiic truyin dii lieu SSL (SSL record protocol)....................297
14.2.2. Giao thuc thay doi thong s6 ma (Change cipher spec protocol)... 298
14.2.3. Giao thurc canh bao (Alert protocol)................................................298
14.2.4. Giao thuc bat tay (Handshake protocol)......................................... 298
14.3. Cac thuat toan su dung trong SSL..........................................................301
14.4. LTng dung va tinh pho bi6n ciia SSL trong VPN.................................... 301
14.5. Ket luan.................................................................................................... 303
ChiroTig 15: TIM HIEU VE OPENVPN.............................................................304
15.1. Ljch su phat trien ciia OpenVPN............................................................304
15.2. LTu diem cua OpenVPN.......................................................................... 304
15.3. Cac phien ban ciia OpenVPN.................................................................. 306
15.3.1. OpenVPN phien ban 1..................................................................... 306
15.3.2. OpenVPN phien ban 2 ..................................................................... 307
15.3.3. OpenVPN phien ban 2.1.................................................................. 308
15.4. OpenVPN................................................................................................. 30g
15.4.1. Cai dat OpenVPN.............................................................................308
15.4.2. Cau hinh OpenVPN......................................................................... 309
15.4.3. Bao mat OpenVPN.......................................................................... 310
15.4.4. Nhugc diem cua OpenVPN.............................................................315
15.5. Cac mo hinh trien khai OpenVPN..........................................................316
15.6. Bao mat he thong OpenVPN................................................................... 318
15.7. So sanh OpenVPN voi IPSec VPN.........................................................3I8
15.8. Ket luan................................................................................................... 319
ChuoTig 16: TRIEN KHAI MANG VPN SITDUNG HE THONG OPENVPN. 320
MO HINH A ......................................................................................................320
16.1. Mo hinh trien khai....................................................................................320
16.2. Tien trinh trien khai chung...................................................................... 321
16.3. Cai dat OpenVPN.....................................................................................32i
16. 14 Qu^in trj bao mgt mgng kh6ng day
16.3.1, Cm dat OpenVPN server tren Windows server 2003.....................321
16.3.2. Cai dat OpenVPN client tren Windows 7........................................327
16.4. Cau hinh OpenVPN................................................................................. 327
16.4.1. Ciu hinh tren OpenVPN server (Windows server 2003)...............327
16.4.2. Cau hinh tren OpenVPN client (Windows 7)...............................332
16.4.3. Cau hinh tren Router.........................................................................333
16.5. Ket noi OpenVPN.................................................................................... 335
16.5.1. Khoi tao OpenVPN server (Windows server 2003).......................335
16.5.2. Khai tao OpenVPN client (Windows 7)..........................................337
MO HINHB......................................................................................................339
16.6. Mo hinh trien khai.................................................................................... 339
16.7. Cm dat OpenVPN..................................................................................... 340
16.7.1. Cai dat OpenVPN server tren Windows server 2003.....................340
16.7.2. Cai dat OpenVPN server tren Fedora 11.........................................344
16.7.3. Cai dat OpenVPN client tren Windows 7........................................345
16.7.4. Cai dat OpenVPN mobile client tren Smartphone..........................345
16.8. Cau hinh OpenVPN................................................................................. 348
16.8.1. Cau hinh tren OpenVPN server (Windows server 2003)...............349
16.8.2. Cau hinh tren OpenVPN client (Windows 7)................................. 354
16.8.3. Cau hinh tren OpenVPN server (Fedora 11).................................. 354
16.8.4. Cau hinh tren OpenVPN client (Smartphone cai Windows
Mobile 6.1)....................................................................................... 357
16.8.5. Cau hinh tren Router.........................................................................357
16.9. K6t n6i OpenVPN.................................................................................... 359
16.9.1. Khai tao OpenVPN server (Fedora 11)...........................................359
16.9.2. Khai tao OpenVPN client (Windows 7)..........................................360
16.9.3. Khai tao OpenVPN client (Smartphone - Windows Mobile)......360
Chirtmg 17: XAY Dl/NG CONG CU TRIEN KHAI OPENVPN....................362
17.1. Giao dien cai d at...................................................................................... 362
17.2. Giao dien cau hinh................................................................................... 363
17.2.1. Static key...........................................................................................363
17.2.2. Djmamic key..................................................................................... 367
17.3. Ket luan.....................................................................................................378
Tai lieu tham khao..................................................................................................379
17. C hircyng 1
GI6i THIEU MAT m A
1.1. Giol thifu tong quan ve mat ma
Vao thang 01 nam 1917, bp truong ngoai giao Dire Arthur Zimmermann
gui mot biic dipn tin dupe ma boa den dai sir quan Due a Mexieo City. Bue dien
nay d2 bi nghe len va dupe giai ma bai mot nguoi giai ma nguoi Anh.
Trong suot ehien tranh the giai Ian thu hai, NSA (National Seeurity
Ageney) da giiip hai quan My giai ma eae thong diep eiia ngubi Nhat va ehinh
dieu nay da gop phan to Ian cho thang Ipi sau do eiia quan My tai Midway va dao
Solomon. Chua day hai n3m sau do, nguai nghe trpm eiia NSA da lay dupe Ijeh
bay eiia do doe Yamamoto, ehi huy hai quan Nhat Ban va nguai ra quyet dinh tan
eong Pearl Harbor, ngubi My da ban rai may bay eua ong ta. Mot ke hoaeh khae
eiia NSA, ke hoaeh Vern, la ehan va giai ma thong tin tinh bao eua Lien X6 dupe
truyen di bang dubng eap tu nam 1942 den 1946.
Cae inoe lieh su tren da eho ta mot cai nhin so lupe ve su phat trien va tarn
quan trpng eiia viec bao mat.
Mat ma ra dbi tu rat sbm de phpe vu eho mue dieh bao mat thong tin. Mat
ma tham chi da xuat hien tu thbi cac Pharaoh Ai Cap dubi dang cac ky hieu thay
the va day chinh la khai nguyen ciia mat m3, mac dii thbi do no dupe xem nhu
mot trb chai, mot dang cau do.
Mot trong nhung each tot nhat de bao mat thong tin la phai lam sao che
giau thong tin hieu qua den muc nhung ngubi muon lay thong tin do khong nhan
ra su ton tai ciia no, nghla la hp khbng biet r3ng thong tin hp can dang hien dien
trubc mat hp. Chang han, ta thay the cac bit it c6 y nghTa nhat trong chuoi bit
bieu dien anh bang thong tin ta can giu bi mat, nhu vay hinh anh khbng bj thay
dbi nhieu (vi su thay dbi cac bit it quan trpng se lam mau sac hay dp sang thay
dbi trong mot bien dp rat nhb ma mat ngubi khbng phan biet dupe) va ngubi tim
kiem thbng tin chi thay mot buc anh binh thubng ma khbng nhan ra dang sau do
la thbng tin bi mat. Thuc te, thbng tin cb dp dai 64 KB cb the de dang chen vao
mot biic hinh 1024x1024 pixel.
18. 16 Qugn trj va b^o m|it mgng kh6ng d5y
Trong thS giai s6, ta c6 the hinh dung cac thuat toan mat ma giong nhu
nhimg phuang phap due gach con cac chuoi bit 0 hoSc 1 la nguyen lieu de due,
mpt phuorng phap tot se cho ra nhung vien gach chSc chin va kho hi pha vo de
phan tich nguyen lieu, tim thay thong tin ban dau.
1.2. Ma hoa so li^u (Data Encoding)
S6 lieu cung cip tu may tinh hoac cac thiet bj dau cuoi so lieu thuong 6
dang nhj phan dem cvtc (unipolar) vai cac bit 0 va 1 duac the hien vai ciing muc
dien thi am hoSc duong. T6c do truyen ctia chting dupe tinh bang so bit truyen
tren 1 giay (bps).
Cac so lieu nay khi truyen di se dupe bien doi sang dang tin hipu so theo
nhung ky thuat ma hoa khac nhau. Cac tin hieu nay dupe d$c trung bing su thay
ddi muc dipn, t6c dp truyin cua chung, sp thay doi nay dupe gpi la toe dp dieu
che va dupe tinh bing baud.
Cac phuomg phap thong dung c6 the phan loai nhu sau:
- Ma hoa NRZ (Non Return to Zero)
- Ma luong cue (Bipolar)
- Ma nhi pha (Biphase)
- M5 Miller
- Ma nhi phan da muc (Multilever Binary)
Di so sanh cac loai m3 nay nguoi ta c5n cu vao cac yeu to sau:
- Pho tin hipu: pho tin cua tin hipu sau khi m3 hoa s5 quyet dinh den mpt so
khia canh cua vipc truyen so lipu nhu: dp rpng bang tan can thiet (cang it
thanh phin tin s6 cap thi bang tin cang hpp), kha nang ghep n6i vai
duong truyen khi tin hipu c6 muc dipn 1 chieu hay khong. Neu tin hipu
khong C
O thanh phin 1 chiiu thi c6 the ghep bing dong xoay chieu qua
bien ap, nha do each dipn tot va s6 giam su giao thoa do anh huemg cua
dipn 1 chieu.
- Kha nang dong bp tin hieu: mpt so loai ma hoa c6 the tranh dupe vipc
phai xac djnh thai diem bit dau va ket thuc ciia moi bit, nha do vipc dong
bp sS dan gian hom.
- Kha nang phat hipn sai: tuy theo ban chat ciia phuomg phap m3 hoa c6 the
cung cap kha nang phat hien tin hieu sai mpt each dan gian.
19. ChLfgng 1: Gib'i thi$u m$t ma 17
- Kha nang chong nhieu va giao thoa tin hi?u lam giam cic bit sai khi truySn.
- Muc do phurc tap va gia thanh.
1.2.1. Ma NRZ (Non Return to Zero)
Co the chia lam 3 loai m3 NRZ la:
- NRZ-L (Level)
dj = 1 —
>aj = +a
d| = 0 —
►
aj = -a
- NRZ-M (Mark) -» g$p du li^u la 1thi d6i trang thai a diu bit
- NRZ-S (Space) —
►
gap du li?u la 0 thi d6i trang thai a dau bit
Ca 3 loai nay d k c6 chung tinh chit la muc di?n khong thay d6i trong thoi
gian 1 bit. Day la loai ma dom gian nhit, Uong do NRZ-L chi dung dS t^o tin hi?u
so cho cac thiet bj dau cuoi va de truyen di thi phai su dpng them cac lo^ii ma khac.
Hai ma NRZ-S (c6n gpi la NRZ Invert 0) va NRZ-M (c6n gpi la NRZ
Invert-1) dupe x6p vao lo^i m3 nhj phan vi no thay d6i tr^ g thai theo epe tinh (0
ho3c 1) ciia phan tu kg chu khong theo gia tri tuypt d6i ciia ph3n tir hipn tai. Lpi
diem cua phuemg phap nay la c6 dp tin c$y tot hom NRZ-L vi no chi can xet sp
chuySn d6i muc dien chu khong c3n xac djnh muc dipn tuypt d6i theo c3c miic
ngu&ng, ngoai ra neu tin hipu bj dao ngupc epe tinh do c6 v3n dS a doi day
truyen cung khong anh hudmg.
Hinh 1.1 cho thay ph6 ciia tin hipu NRZ trong do phin 1dmn3ng lupng tap
trung giua thanh ph3n 1 chidu va t3n s6 bSng 1/2 cua tdc dp truydn.
Nhupc didm cua phuomg phap m3 hda nay la c6 th3nh ph3n 1 chidu Ion va
kho dong bp.
1.2.2. M3 nhj pha
M3 nhj pha cung bao g6m cac loai nhj pha L (con gpi la m3 Manchester), M
va S. Ngoai ra con c6 m3 nhj pha vi phan (con gpi la m3 Manchester vi phan)
dupe mo ta a hinh 1.1 va c6 thd tom tit quy luat m3 hoa theo s6 lieu sau:
- Nh| pha L
1= chuydn tir cao sang thap drgiua thai bit
0 = chuydn tir thap sang cao a giua thai bit
20. 18 Quan trj b^o nn#t mgng kh6ng day
- Nhj pha M
Luon chuy6n trang thai a bat diu thai bit va
1= chuySn trang thai a giua thai bit
0 = khong chuySn trang thai d giua thdi bit
- Nhj pha S
Luon chuydn trang thai d bat d3u thdi bit va
1= khong chuyen trang thai d giua thdi bit
0 = chuyen trang thai d giua thdi bit
- Nhj pha vi phan
-►dj = 0 ->• ai’= a’i_i; a ”= -ai’
dj= 1 -»ai’= -a’i_i;ai”=-ai’
Luon chuyen trang thai d gifta thdi bit va
1 = khdng chuyen trang thai d bat dau thdi bit
0 = chuyen trang thai d bat dau thdi bit
Tit ca loai ma nhj phan tdi thik cd 1 Idn chuydn tr?ng thai trong 1 thdi bit
va tdi da la 2 lin chuyen, nhu vay toe dp dieu che tdi da s6 gap ddi so vdi ma
NRZ va tuang ung dp rdng bang cung se tang len. Bit lai thi ma nhj pha cd cac
diem Ipi nhu sau:
- Vi sp chuydn ddi trang thai cd quy luat xac dinh trude ndn d d§u thu sS cd
thd ddng bp theo sp chuydn ddi nay. Do dd, ma nhj pha con dupe gpi la
ma tp ddng bp (Self-clocking code).
- Khdng cd thanh phan 1 chidu.
- Cd kha nang phat hipn sai n k khi thu khdng dung sp chuydn ddi trang
thai mong chd.
Hinh 1.1 cung cho thdy nang lupmg nhj pha tap trung d khoang tan sd tu
phan nua ddn 1 tdc dp bit, nhu vay dd dam bao phd tan thi dp rpng bang cung
khdng Idn.
1.2.3. Ma Miller
Sd lieu dupe ma hda bang ma Miller sd chuyen trang thai a giira thdi bit
neu la bit 1, neu Id bit 0 thi tuy theo bit di sau Id 1 thi sd khdng chuyen trang
thdi, con neu bit di sau k 0 thi sd chuyen trang thdi d cuoi thdi bit. Nhu vay
21. Chu’O
’ng 1: Gifri thi$u m$t ma 19
toi thieu c6 1 Ian chuyen trang thai doi voi 2 thdi bit va khong bao gia c6 ban 1
Ian chuyen trang thai a 1 thai bit.
Ma Miller c6 ixu diem la cung c6 the cung cSp ca chS tu dong bo va chi cin
toe dp dieu che thap hon, dp rpng bang nho hon so voi NRZ va Manchester.
Tuy nhien, trong trudng hop xSu nh§t khi gap cac chuoi bit 101 thi ma
Miller c6 the c6 thanh phan 1 chieu va dp rpng bang Ion hon NRZ. Ma Miller
con tiiy thupc vao gia tri bit kl tiep nen viec d6ng bp d ddu thu se kho khSn hon.
22. 20 Qudin trj vd b^o m$t m^ng khdng dfly
1.2.4. M3 nhj phan da mii-c
Mpt loai ma hoa khac la mi nhj phan da miic dung nhiSu hom 2 miic tin
hi?u. Trong hinh 1.1 mo ta vl dvi ph6 bien cua lo?ii m3 nay la m3 luSng eye
thuong dung cho tin hi?u PCM. M3 nay c6 t3n s6 giua bang thong la phan nira
t6c dp truySn. LTu diSm cua loai m3 nay la khong c6 thanh phan 1 chieu, nhung
l^i khong COkha n3ng dong bp.
1.2.5. M3 HDBn (High Density Bipolar n)
M3 lu6ng crc c6 nhupc di6m la khong thich hpp voi vipc truyen cac chuoi
bit 0 lien tpe, d d3u thu s3 khong d6ng bp dupe vipc nhto c3c chuoi nay. De kh3c
phpe hipn tupng nay nguoi ta dung m3 ludng epe mat dp cao HDBn vdi nguyen
tie Chung la neu c6 nhiiu hem n bit thi bit thu n+1 s5 dupe thay bing 1 muc
Mark (nhu bit 1 sau khi m3 hoa).
Co nhieu lopi m3 HDB1, HDB2, HDB3... nhung pho bien nhat la m3 HDB3.
Nguyen tic m3 hoa cua HDB3 la neu gjp 1 chuoi bit 0000 thi sS thay bing
1 chuoi d3c bipt:
- MOOV niu c6 s6 bit 1 chin (ho^c khong c6 bit 1) tinh tu chuoi d^c bipt
trude do trd Ipi.
- 000V cho mpi trudng hpp khac.
Ghi chu: M va V la muc Mark c6 cung epe tinh va ngupc epe tinh vdi bit 1
truoc do. D6i vdi chudi 0000 dau tien cua tin hipu c6 thi chpn m3 tuy f bing
OOOVhay MOOV.
Vi dp: Chuoi bit 1011 1000 0101 0000 0000 1100 0001 dupe m3 hda nhu
hinh 1.2.
L O l l l O O O O l O l O O O O O O O O l l O O O O O l
^ x._
MOOV MOOV MOOV
Hinh 1.2: Ma hda HDB3.
23. Chuang 1: Gi6'i thi$u m$t ma 21
Ma HDB3 thu6mg dung trong he th6ng PCM voi cac bac t6c dp 2.048 kbps,
8.448 kbps va 34.368 kbps.
Hinh 1.3 la m$t dp pho cua cdc loai ma hoa khac nhau, trong do:
- R: Toe so tin hipu so lipu (bps)
- f: Tan so tin hipu sau khi ma hoa
- S(t): Tin hipu sau khi m3 hoa
- Eb: tin hipu so lipu
Hinh 1.3: Mgt dppho cua ede logi ma hoa.
1.3. Ph^t hipn v3 sira sai
De c6 the kiem tra xem du lipu thu dupe eo bj sai khong, trong ehuoi dO
lipu sS dupe them v3o e3e bit kiem tra. Phuomg ph3p n3y gpi ehung la phuorig
phap Idem tra du thua (Redundaney error-eheek method), vi ede bit kiSm tra
khong lien quan den npi dung thong tin truyen. Phuemg phap dem gidn nhat Id
them 1 bit d tung ky tp, gpi la kiem tra theo ehidu dpe VRC (Vertieal
Redundaney Cheek). De eo the kiem tra ed mpt kh6i du lipu ngudi ta thudng
dimg 2 phuomg phdp: LRC (Longitudinal Redundaney Cheek) vd CRC (Cyelie
Redundaney Cheek).
24. 22 QuSn trj vA bAo m$t mgng kh6ng dSy
Trong thong tin n6i tiSp d6ng bp byte BCC (Block Check Character) duoc
xay drag theo 1 trong 2 phuong phap kiem tra tren.
1.3.1. LRC
Phuomg phap nay con duac gpi la kiStn tra theo chieu ngang, vi no c3n cii so
bit C
Ogia tri 1o timg thii hr bit ciia tit ca cac ky hr truyen trong khoi nhu vi du sau:
Cac ky tu truyen A B C D E F G BCC
(ma ASCII) I 0 1 0 1 0 1 0
0 1 1 0 0 1 1 0
0 0 0 1 1 1 1 0
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
1 1 1 1 1 1 1 1
VRC bit — ►0 0 1 0 . I 1 0 1
t
LRC bit
BCC dupe xay drag theo each nay doi khi con dupe gpi la tong kiem tra.
Phuemg phap nay thpc hipn don gian cho phep xac dinh bit sai trong khoi neu c6,
nhrag niu c6 2 bit sai a ciing mot hang thi cung khong the x4c dinh dupe cp the
bit cua ki tu nao sai.
1.3.2. CRC
C
) phuomg phap CRC cac bit cua kh6i du lieu dupe dich trai lin lupt va chia
cho mot gia tri so nhj phan xac djnh bing phep toan module-2. Ket qua ciia phan
du cua phep chia chinh la gia tri CRC va dupe dung lam BCC trong phuomg thiic
truyin ding bp. (3 diu thu sg dupe thuc hien phep chia tuomg tu doi vai thong tin
va so sanh phan du cua phep chia vai cac gia tri BCC thu dupe, neu giong nhau
la khong c6 sai. Ma CRC thubng dai tir 12 den 32 bit.
Ngu dimg phuomg phap CRC vai thii tuc tu dong truyen lai (ARQ-
Automatic Repeat reQuest) c6 the giam toe dp bit sai rat nhieu. Vi dp vdi 16 bit
CRC cho phep chi c6 mpt bit sai khong phat hien dupe trong 10 bit truyen.
1.3.2.1. Cdch tin'n CRC
Cac bit du lieu se dupe vigt thanh mpt da thuc theo trinh tp truygn, vi du
chuoi bit truygn la 110101 thi ta c6 da thuc:
25. Chu’
O'ng 1: Gi6’
i thi$u m$t ma 23
M (x) = (1 )x^ + (1 )x‘
* + (O)x^ + (1)x^ + (0)x' + (1)x“
= X
* + x'*+ x^ + 1
Gia su s6 bit CRC la C, ta se chon 1da thiic bit ki G(x) c6 bac C, vi du C = 3
chon G(x) = x^ + 1.
Sau do Ian luot thuc hi$n cac phep ti'nh sau:
- Nhan M (x) cho x':
x'^MCx) = X
* + x’ + x^ + x^
- Chia x" M(x) cho G(x) ta se c6 kSt qua la Q(x) vai phSn du la R(x):
x‘M(x)/G(x) = Q(x) + R(x)/G(x)
Theo vi du tren ta c6:
-x’ + x^ + x^
x« +
x’ +
x’ + x'*
x'' + x^
x“ +
X^ + X
x^+ 1
x^ + x'' ■ x' +1
x^+ 1
m
Nhu vay Q(x) = x^ + x'*+ x' + 1 va R(x) = x + 1
- Tlnh da thuc T(x) = x‘M(x) + R(x):
T(x) = X
*+ x’ + xVx^ + X+ 1
- Doi tu T(x) tro lai chu6i bit theo nguyen tie Uromg tu, kft qua chi'nh la
chuoi bit truyen vai cac bit sau cung la CRC:
(l)x* + (l)x^ + (O)x'' + (l)x’ + (0)x‘
' + (l)x^ + (O)x^ + (l)x‘ + (l)x‘’
Chuoi bit can truyen: 110101011
Thong tin can truyen CRC
C) dau thu sau khi nhan duac chuoi bit la T(x) dung phep toan module-2
chia cho G(x) neu phan du la 0 thi du lieu khong sai. Ta c6 the de dang chung
minh duoc:
26. 24 Qu^in trj va b^o mgt mjing khOng dSy
T(x) = x‘M(x) + R(x)
va x‘^M(x)/G(x) = Q(x) + R(x)/G(x)
suy ra; T(x)/G(x) = Q(x) + R(x)/G(x) + R(x)/G(x)
= Q(x) + (l + l).R(x)/G(x)
Vi doi vdri phep loan module-2 thi 1 + 1 = 0
nen T(x)/G(x) = Q(x) hay R(x) = 0
(phep chia T(x) cho G(x) khong c6 phan du)
B6n da thuc G(x) thong dvmg la:
c = 12 ^ G(x) = x'^ + x" + x^ + x^ + X+ 1
c = 16 G(x) = x'®+ x'^ + x^ + 1
c = 16 G(x)= x'^ + x'^ + x^ + 1 (chuan cua CCITT)
c = 32 ^ G(x)= x^^ + x^* + x“ + x^^ + x'* + x'^+ x"
+ x'° + X
* + x^ + x’ + x'' + X^ + X+ 1
1.3.2.2. Thuc hi?n ma CRC
Mpt uu diem cua ma CRC la vi?c tao va giai m3 rit dl thirc hi^n bang phan
cimg. Phep todn MOD-2 va phep djch c6 the th^ic hi?n bang each dimg cac thanh
ghi ket heprp voi dudmg hoi tiep bSng cong RX-OR. 556 tang cua thanh ghi djch
bang voi bac C ho^c so bit m3 CRC.
Hlnh 1.4 cho ta mpt vi dp ve m<ich tao m3 CRC 3 bit voi G(x) = x^ + 1.
Thong b3o
Hinh 1.4: Mach tao ma CRC 3.
D6 gidi thich boat dong cua mach, cho thong tin vao la 110101 va sS dupe
them vao so bit 0 bang vdi so bac C.
27. Chtfqng 1: Gi6fi thi$u mgt ma 25
X X X
^'
1 1
------- 1
Thong bao; 110101
0 ^0 0 fy? ' 1 0 1 0 1 0 0
1 0 ^ 1
) T ' 0 1 0 1 0 0 0
2 0 1 1 0 1 0 1 0 0 0
3 1 1 0 1 0 1 0 0 0
4 1 0 0 0 1 0 0 0
5 0 0 1 1 0 0 0
6 0 1 1 0 0 0
“
7 1 1 0 n n
8 1 0 1 0
9 0 1 1
1
1
1Anglian 1 I (I 1 0 I 01 CMC
Nhu vay sau 9 ISn djch thi trong thanh ghi se chiia gia tri ma CRC c4n c6.
Mach too va kiem tra CRC thuong nSm trong chip dilu khifin vi$c truygn
tin nhu chip Motorola MC6852 ADLC (Advanced Data Link Controller), chip
Intel 8273 diSu khlen thii tuc truySn HDLC lap trinh ducrc, dSu tr dong thrc hien
cac chuc nang nay vai ma CRC 16 bit.
1.3.3. M3 sua sai Hamming
Richard Hamming ciia h3ng Bell d3 dua ra khdi ni?m v6 khoang each m3 la
s6 bit khac nhau giua 2 tir ma, vi du ky tu B c6 m3 ASCII la 1000010 va ky tvr C
la 1000011 se c6 khoang each m3 la 1 vi chi c6 1 bit khac nhau. Khoang each
nay con dupe gpi la khoang edeh Hamming.
Tu khai niem nay Hamming d3 dua ra m3 Hamming c6 kha n3ng khong chi
phat hien sai m3 ma c6 thd sua sai mot so bit nhat djnh. Moi tu m3 se dupe xen
lln va mot so bit kiem tra a mpt s6 vj tri nhit dinh trong tu m3.
De minh hpa ung dpng cua ma Hamming, xet truong hpp m3 hoa cho cac
s6 thap luc phan tir 0 din F b3ng 4 bit m3. Ta sS xen vao do 3 bit da c6 the cho
phep a dau thu phat hien dupe 2 bit sai trong 1tu va sua sai dupe khi c6 1 bit sai.
Gpi m3 m2 ml mO la 4 bit m3 thong tin va c2 cl cO la 3 bit kiam tra, cac bit
se dupe sip xap thanh 1 tir m3 nhu sau: m3m2mlc2m0clc0.
3 bit kiam tra dupe tinh bing each EX-OR cac bit thong tin nhu sau:
29. Chu’O
’ng 1: GI6'i thigu m^t ma 27
hien nhu mo ta a hinh 1.5a. Neu khong nen thi phai diing ma nhj phan 4 bit, tuy
nhien can cii theo kha nang xuat hien cac mire nhiet do c6 thd ap dung phuong
phap nen Huffman de c6 so bit trung binh cho moi ma nho hom 4.
Hinh 1.5b mo ta each tao theo nguyen tac:
- Ma ngan nhat se danh cho mtic nhiet dp xay ra thudng xuyen va ngupc lai
- Hai gia tri 0-1 se Ian lucrt gan cho 2 kha nang xuat hien nho nhat, 2 kha
ndng nay sau do dupe gpp lai bang each cpng 2 gia tri nay thanh 1 kha nang
khac. Sau do s4p xdp lai sao cho luon c6 thir tu giam din tir tren xu6ng.
- Qua trinh nay lap lai cho den khi 2 kha nang cuoi ciing dupe gpp lai.
Hinh 1.5: (a) Kha nang xudt hi^n ede muc nhiet do,
(b) Cdch tgo md nen Huffman, (c) Bang ma irng v&i ede mire nhi$t do.
30. 28 Qujin trj b^o m$t rngng kh6ng day
- Ma tuang ling cua moi miic nhiet dp dupe hinh th ^ h bang each lay ede
bit 0 hodc 1 tren duong di xuat phat tir mure nhipt do nay va theo thu tp bit c6 y
nghia thap d ben trai do thi.
Tu bang m3 hinh 1,5c ta c6 the tinh dupe so bit trung binh cho mpt m3 la:
(0,21 X2) + [(0,17 + 0,15 + 0,12 + 0,10) x 3] + [(0,06 + 0,05 + 0,05) x 4] +
(0,04 X5) + [(0,03 + 0,02) x 6] = 3,18 bit
Nhu vay so lipu truyen s6 dupe giam khoang 20% so vdi truong hpp dung
m3 nhj phan 4 bit (khong nen).
31. Chipcyng 2
MQT SO THUAT TOAN MAT MA
2.1. Kh^i ni^m chung
Mat ma hpc la nganh hgc chuyen nghien cuu ve mat ma dS phyc vy cho
viec truyen tin bao mat giua dau phat va dau nhM, hai diu cu6i ciia qua trinh
truyen tin c6 the la con nguoi, cac tien trinh trong h? thong may tinh hojc tren
mang... Ma hoa la mpt dang d$c biet cua mat ma, a day cac ky tr hay mgt nhom
ky ty duoc thay the bang mpt nhom bit hay mpt nhom ky ty khac theo myt bang
ma. De xay dyng bang ma ta phai nhan dang tir, nhom tir hay mpt cau, tham chi
mpt doan van de thyc hipn thay the. Trong ky thuat mat m3 hay m3 hoa thi thong
tin tho luc ban dau dupe gpi la Plaintext va sau khi dupe mat m3 hay m3 hoa thi
no chuydn sang mpt dang khac gpi la Ciphertext. Qua trinh dung thuat toan ma
hoa de chuyen thong tin tu dyng plaintext sang dyng ciphertext dupe gpi la qua
trinh myt mS. Qua trinh xvr ly de thu dupe plaintext tir ciphertext dupe gpi la qua
trinh giai ma.
Giai thuyt myt m3 (cipher) la mpt ham toan hpc dupe su dyng cho ma hoa
va giai m2.
Ta COthe xem myt m3 hpc bao gom hai bp phyn: bp phto chuyen nghien cuu
cac thuyt toan myt ma va bp phyn chuyen nghien cuu each pha cac myt ma do.
Myt ma phai dam nhipm cac nhipm vy nhu sau: ma hoa thong tin, xac thyc,
chong lyi kha nSng thong tin bi thay doi tren duong truyen... Tuy nhien, mpt he
thong mat m3 dem le khong the dam duong dupe tit ca cac nhipm vy nay, do do
de bao vp mpt hp thong thong tin ta phai dung ket hpp nhieu thuyt todn mat ma
khac nhau va dupe long gh6p vao ede giao thuc phu hpp.
- Plaintext: la thong tin chua dupe m3 hoa, no c6 thi la mpt chuoi cac bit,
mpt file vdn ban, mpt anh...
- Ciphertext: la thong tin da dupe ma hoa, no cung c6 the la mpt chuoi cac
bit, doi khi no cung kich thuac voi plaintext.
32. 30 Qu^n trj va bao mgt mgng khong day
Khoa ma hoa Khoa giai ma
Hinh 2.1: thong mat ma dent gidn.
N8u goi: M la plaintext, C la ciphertext, E la ham ma hoa {Encryption
Function), D la ham giai ma {Decryption Function) thi ta c6 phuong trinh sau:
C = E(M)
M = D(C) => M = D(E(M))
Ben canh do thi mat ma con phai dam nhiem them mot so chiic nang;
+ Xac thtre (Authentication): chuc nang nay gitip xac thuc ngudi gui,
tranh bj gia dang.
+ Toan vfn (integrity): day la chiic nang giiip dam bao thong tin giri di
khong bi thay doi.
+ Xac nhan thong tin (confldentiality): chiic nang nay gitip xac nhan
thong tin duoc giri tir mot ngudi nao do, tranh trudng hop ngudi gui tu
choi rang hp khong gui thong tin ma chinh hp da gui di.
N6u each ma hda dupe dam bao an loan bang each gin: bi mat giai thuat hay
khda, thi no c6 han che trong viec ap dung cho mot nhdm lam viec Idn hay c6 su
thay doi trong nhdm lam viec (ta phai thuc hien vipc truyen khda va mot so trd
ngai khac nua). Do dd, trong each ma hda hipn dai, de khac phpe dupe han che
tren thi ngudi ta dung chia khda kem theo vdi giai thuat tuong ung, nghia la
ngudi nhan cd thd giai ma bang chia khda rieng cua minh ma khdng can biet chia
khda dupe dimg de ma hda, va giai thuat ma hda va giai ma cung khac nhau.
Tien sTJ.C.H. Ryan cho ring, cac trang thai xu ly thong tin gdm: nhap, xuat,
luu tru, truyen va xu ly thi mat ma chi bao ve dupe hai trang thai: luu tru va truyen.
Xet tren quan diem khdng day, ta cd the bao vp viec truyen qua khdng gian
{over the air - OTA) bSng each ma hda dau cudi den dau cudi, do dd qua trinh xii
ly tin hieu cd the dupe bao ve bdi mat ma.
33. Chu’O
’ng 2: Mpt so thugt loan mgt ma 31
2.2. Sir tirong quan giira o khoa va chia khoa
Thong tin ma ta truyen di c6 the bj tan cong hay nghe trom, mat ma bao
gom ca 6 khoa Ian chia khoa giup bao ve thong tin cua chting ta. Co rSt nhiSu
thuat toan va khoa, thuat toan ciing voi khoa se xac djnh pham vi va kha nang
bao mat cua mat ma.
Gia sir rang mot hang khoa ban ra thi tnromg mot loai 6 khoa s6 (loai khoa
ma bang mot day so) va cong bo rong rai cau tao cua mpi chi tiSt ky thuat trong 6
khoa do. Alice mua mot 6 khoa loai nay va thay doi day so dimg de ma khoa theo
y cua C
Oay. 6 khoa phai dugc thiet ke hoan hao den mite khong ai (ke ca nha san
xuat) C
Othe tim ra day so moi nay. Ndu Alice quen mat khSu thi khong ai c6 thS
mb duac 6 khoa (ngoai trir viec dap vb 6 khba). Day chinh la tinh M n cua mat
mS, dac biet la kha nang bao mat ngay ca khi thuat toan duac phb bibn rong rai.
Alice con muon rang neu mpt ai do mu6n thu tit ca cac truong hap c6 thb
ciia day so de mb khba thi ngubi do phai mat rat nhieu thbi gian, day cung chinh
la mot dac diem quan trong cua mat ma.
Ta hay xem sqr tuang quan giua 6 khba va chia khba de xem lam each nao
Alice cb the bao ve dugc thong tin cua c6 ay. Gia sir rang Alice cb mot buc thu
trong do la thong tin bi mat va c6 ay khbng muon bat ky ai mb no ra ma khong
dugc phen. Thong tin trong bite thu cb the dgc dugc neu cb khba phu hgp de mb
buc thu. Khba bao ve buc thu phai dugc thiet ke sao cho neu cb ai do mb buc thu
mot each bat hgp phap thi ngi dung trong buc thu se lap tuc bi xba di, mgt s6 he
thong mat ma thuc te cung dugc thiet ke theo tinh than nhu vay.
Nhu tren da nbi, mac dii nguyen ly cua 6 khba thi ai cung bibt nhung khong
ai cb the mb khba cua Alice la nhb vao day so ma Alice cai dSt rieng tren 6 khba
cua minh (chia khba). Nhu vay neu day so cang dai, cang khb doan thi so trubng
hgp cb the cb khi ai db muon thu se tang cao, do db kha nSng bao mat cung se t2ng
len, he thong bao mat thuc te cung rat chu trgng den yeu to nay, thubng thi kha
nang bao mat cua cac hg thong db tSng len dang ke khi chieu dai khba ting len.
Nhu vay, nhieu ngubi cb the dung chung mgt loai 6 khba (mgt he thong mat
ma), chi can hg tu tao cho minh chia khba that tot (dai va khb doan) la dugc. Mac
du sau khi thu qua het cac trubng hgp thi ngubi tan cbng cb the mb dugc 6 khba,
nhung neu thbi gian de lam vice db dai hgn thbi gian can luu giu thong tin bi mat
(cb nghia la khi ngubi tan cbng cb the mb dugc 6 khba thi thong tin trong db cung
da Ibi thbi, khbng con gia trj) thi ta cb the xem hg thbng db la an toan, bao mat tbt.
34. 32 Qu^n trj va b^o mjit mgng khdng day
2.3. Phan loai c^c thuat toan mat m3
can cu vao nguyen ly boat dpng va tinh chat nguai ta phan cac giai thuat
m^t m3 thanh hai lo?i giai thuat chinh nhu sau: giai thu^t doi xung (symmetric)
va giai thuat bat doi xung (asymmetric).
- Gi3i thuat doi xirng: la giai thuat ma khoa ma c6 the dugrc suy ra tu khoa
giai ma va ngugrc l^i. Trong hau het cac tnrcmg hgrp thi khoa ma va khoa giai m3
gi6ng nhau va duong nhien la khoa nay du(jrc giu hi mat. Giai thuat nay dugrc
chia thanh 2 nhom:
+ Thuat to3n theo dong (Stream algorithm): thuat toan nay thyc hi?n
thao tac theo tvmg bit (doi khi timg byte) da li?u.
+ Thuat to3n theo khoi (Block algorithm): thuat toan nay thao tac theo
mpt nhom cac bit gpi la khoi (block), (hipn thoi nguai ta dang dung
rong rai khoi c6 kich thuac 64 bit, tuy nhien c6 the mo rpng len 128 bit,
256 bit hay 512 bit...).
- Giai thuat bat doi ximg: trong giai thuat nay kh6a giai ma khong the (it
nhat la do h ^ ch6 v6 mat then gian) tim ra dupe tu khoa m3. Do do trong giai
thuat nay ta c6 2 loai khoa do la: khoa cong cpng (public-key) va khoa ring
(private-key). Khoa cong cpng s5 dupe pho bien rpng r3i, con khoa ring s6 dupe
giu kin, vd sS rat kho neu ai do muon tim ra khoa bi m(it tu khoa cong cpng.
2.4. Cac c3ch m3 hda c a ban
Tir rat lau loai nguai d3 sir dpng 3 loai mat m3 ca ban d6 la: mat m3 hoan vi
(transposition), mat m3 thay the (substitution) va mat m3 h6n hap (product cipher).
2.4.1. Nguyen ly Kerckhoff
Kerckhoff (ten day du la Jean Guillaume Hubert Victor Francois Alexandre
Auguste Kerckhoff von Nieuwenhof) la nguai dau tien phan tach cac hp thong
thong thuong b3ng mpt khoa rieng bipt (nghTa la dimg khoa rieng de bao vp cac
hp thong thong thuong). Khai nipm quan trpng nay la: tit ca mpi nguai, tat ca cac
hp thong deu c6 the dupe bao vp bai mpt phuong phap mat m3 nao do. Sau do,
khi hp thong mat m3 khoa cong cpng dupe phat minh, ta d3 kiem chimg dupe
ring day la mpt phat biiu dung din. Tinh an toan cua hp thong tiiy thupc vao tinh
an toan cua khoa bi mpt. Cho dii mpt nguai nao do biet cau true hp thong, nguyen
ly boat dpng ma khong biet khoa bi mat thi cung khong lam gi dupe.
35. Chirong 2: M$t s6 thujt to^n m|t ma 33
2.4.2. Mat m3 ho3n vi
MSc du dugrc sir dung tir each day han bon ngan nSm, mat ma hoc ngay nay
van duoc xay dimg dura tren hai nen tang co ban do la hoan vi va thay th i Trong
mat ma hoan vi, cac ky ty (hay cac bit) cua ban tin can ma hoa duac thay d6i vj
tri theo mot trat tu nao do, sao cho ban tin sau khi thay doi cang khac voi ban tin
ban dau cang tot.
Vi du, ta c6 ban tin nhu sau:
DO AN TOT NGHIEP_DAI_HOC_
NGANH CONG_NGHE THONG____
TIN_HOC_VIEN_BUU_CHINH_VT
Viet lai ban tin nay theo hang doc ta sS c6 ban tin mai nhu sau;
DNTOGI ANAN NHH OTCCOO TNV_GIN_EGNNHG_IHBEEUP_
U_T_DHCAOHINI GNH_HO_C_V_T
Voi sir trg giiip ciia may tinh, ta c6 th6 hoan vj theo mot giai thuat phirc tap
hon nhieu, va trong thuat toan DES trinh bay d chuorng sau ta s5 thay no cung
thirc hien hoan vj theo mot giai thuat hdt siic phuc tap.
Trong thuat toan nay, ta thay khoa (trong trudng hop nay la giai thuat hoan
vi) phai dugc truydn ddn d3u ngudi nhan, day chinh la mgt khd khSn Idn va cung
la klio khan chung clio he IhOiig mat ma dOi xirng.
2.4.3. Mat ma thay thi
Trong mat ma thay the, cac ky tir trong ban tin ban d3u dugc thay thd bang
mot hay mot s6 cac ky tu khac theo mot quy tic nao do. Vi du, ta thay thi bang
chu cai bang each djeh sang trai ba ky tu ta dugc bang thay thd nhu sau;
A B C D E F G H I J K L M
D E F G H I J K L M N O P
N O P Q R S T U V W X Y Z
Q R S T U V W X Y Z A B C
- Gia su ta cd chudi plaintext: “THUAT TOAN MAT MA” theo bang tren
ta se thay the chu T bang chu W, chu H bang chu K... cu nhu vay ta dugc chudi
mdi nhu sau; “WKXDW WRDQ PDW PD”. Ngudi nhan chi can tra bang tren la
cd the chuyen ciphertext thanh lai plaintext. Mat ma dang nay da dugc dimg
trong quan su dudi thdi La Ma.
36. 34 Quan trj va b^o mjlt mgng kh6ng day
- Thay vi djch trai, ta c6 thS dimg mpt khoa bit ky (tham chi c6 the dung
bang nglu nhien). Vi dy, chpn MAGNETIC la khoa ta se duoc bang sau:
A B C D E F G H I J K L M
M A G N E T I C B D F H J
N O P Q R S T U V W X Y Z
K L O P Q R S U V W X Y Z
- Tuy nhien, khoa phai dupe chpn sao cho trong do khong c6 ky ty triing
nhau (vi nhu vay s6 khong phyc hdi dupe plaintext ban dau), vi dy: ta khong th6
chpn khoa MATMA vi c6 b6n ky ty trung nhau.
- Ta thSy ca hai loai mat ma tren d6u rdt don gian va rit de tin cong die bipt
v6i su trp giiip cua may tinh, tuy nhien trong cac he thong mat m3 phuc tap, neu
hai loyi mat m3 ca ban nay dupe su dyng mpt each hop ly sS c6 hieu qua rSt cao,
va thyc t6 d3 chung minh dieu nay (hp thong DES).
2.4.4. Mat m3 hon hpp
B3ng each kSt hpp hai loai mat m3 hoan vi va thay the ta sS c6 mpt loai mat
m3 mai gpi la mat m3 hon hpp {product cipher) vdi kha nSng bao mat cao han
hin so vai khi dung dan le mat m3 hoan vj hay thay th l Cac hp thong mat m3
noi tik g nhu DES (3DES) hay Rijndael cung thupc dang hSn hpp, chiing sir
dyng nhiSu phep hoan vi va thay th6 theo mpt dmh dang het sue phuc tap dd c6
the C
Odupe kha nSng bao myt cao.
M3c du myt m3 thay thS va hoan vi c6 thS d3 kha phuc typ nhung chung
van CO thS bj tin cong dupe bing phuang phap thing ke. Ve m$t y tuang,
ciphertext phai a dyng mpt chuoi ngau nhien gom cac ky ty hay cac bit de ngudi
tin cong khong thi suy doan gi khi hp phan tich no. Ngudi m3 hoa phai loyi tru
tat ca cac dau moi c6 the c6 ma cac dau moi nay c6 the giup ngudi tin edng c6
thi phyc hdi lyi plaintext. Ngudi bao mat se phai long cac hoan vi va thay the vao
nhau sao cho chung trd nen cang phuc typ cang tot, mdi Ian sir dyng cac long
ghep giua hoan vj va thay the nhu vyy ta gpi la mpt “dong”, nhiing hp thong bao
mat thyc ti sir dung 13p lyi rit nhiiu dong nhu vyy (nhu Uong he thong DES va ta
gpi nhung hp thong nay la hp thong mat m3 l§p), do do chung trd nen het sue
phuc typ va hiu nhu rit kho tin cong (tuy nhien vin c6 the tan cong dupe). Mpt
hp thong mat m3 13p dupe xem la bao mat tit khi khdng ai ke ca ngudi thiet ki
COthi giai m3 niu khong biit khoa bi mat. Vi hp thing mat ma I3p qua phuc typ,
ngudi tin edng khong thi tim each phan tich ciphertext di tim plaintext ma hp se
37. Chu'O’ng 2: MQt s6 thugt to^n m$t m§ 35
tim each thu tat ca cac khoa c6 the duac (mot dang tSn cong tiim thuong), va do
do da dam bao an toan cho he thdng, cac thuat toan mat ma phai duac thiet kg
sao cho chiing chong chju duac nhung kiSu tin cong tim thudng nhu vay (nghia
la thdi gian can thiit de c6 the tim ra khoa la rit Ion).
Hau het nhung he thong bao mat tit hien nay diu duac phi bien rgng rai di
tat ca moi ngudi deu c6 the tiep can va tim ra lo hing di tir do khic phuc va gitip
cho he thong ngay mot tot hem.
Hien nay c6 mot so thuat toan duac sir dung rit rong rai nhu: DES, RSA,
ECC... sau day chiing ta khao sat cac thuat toan do.
2.5. He thong mat ma DES
Ma private key duac chia lam 2 loai thong dung: ma hoa theo khii hay ma
hoa theo dong. Ma hoa theo khii chia plaintext thanh cac khii c6 kich thude ci
dinh va thao tac tren timg khii mot each dpc lap. Ma hda khii duac thuc hien
bang each diing them khoa, bien doi plaintext th^h ciphertext, mot dang khong
the hieu duac, va chi c6 the bien ddi nguac lai bing khda.
DES (Data Encryption Standard), duac phan loai nhu la mot each ma hda
theo khdi.
2.5.1. Cau true h? thong DES
Khoi plaintext X dau tien chuyin vj tri bing khdi too hoan vj IP (Initial
Permutation), IP(X) = (Lo,Ro). Sau do vao vdng lap cua qua trinh thay the va hoan
vi 16 lin, va no hoan vj theo each nguac lai (IP"') to c6 duac ciphertext Y.
DES dua tren khoi 64 bit plaintext ma hda thanh 64 bit ciphertext bing 56
bit khda giai ma. Qua trinh ma hda duac dien ra 16 Ian theo 16 khda, va giai ma
dua tren 16 khda dd theo mot thu tu nguac lai. Qua trinh ma hda cua DES dua
tren phep hoan vj (permutation P-box), phep thay thd (substitution S-box) va
bang cac khda.
Hoan vj dam bao mdi bit cua ciphertext phu thupc vao tit ca cac bit ciia
plaintext va khda sau mot so vdng 13p tdi thiiu.
S-box duac thiet ke sao cho ciphertext cd “sue manh” cao va dl thyre hipn
tren mot con chip.
56 bit khda giai ma duac lay ra tu khda ngoai 64 bit. Trong khda ngoai nay
thi 8 bit {8, 16, 24, 32, 40, 48, 56, 64} ddng vai trd la bit kiem tra (parity bit), do
dd ta loai 8 bit nay dupe khda 56 bit.
38. 36 QuSn trj vd bSo m|it mgng kh6ng day
Mat khac, chiing ta con xet den su phu thuoc ciia moi bit cua ciphertext vao
cac bit cua plaintext va khoa. M6i bit cua ciphertext ma phu thupc cang nhieu
vao so bit cua plaintext khi so vong lap ma hoa do tang thi ta noi he thong ma
hoa do duoc thiet ke tot.
P ER M U TED
INPUT
INPUT
( IN ITIA L P E R M U T A T IO N )
r
1 * t
» o
•K,
[^1=1-0 (+1 '(*o. •<t>]
115=RH ] [ R|5°‘-l4(j)H*
’l4' *<15l|
r
PREOUrPUr[R|fe°L|a0ttRi5.
T
— .
( INVFRSF INITIAL P F R M )
----------- T _
O UTPUT
/ / in /i 2.2: Sa do ma hoa cua thong DES.
39. Chifong 2: Mqt s6 thugt to^n mgt nrici 37
2.5.1.1. Bang khoa (Key schedule)
Trong khoa 64 bit c6 8 bit kiem tra, nham phat hien sai trong khoa chung,
phan phoi va liru trCr. Cac bit nay kiem tra le (odd parity). Bit kg kiSm tra trong
byte dau, k,6 kiem tra trong byte tiSp theo...
Vi du:
K = (0101 1000 0001 n i l 1011 llOO lOOl 0100
1101 0011 101001000101 0010 1110 1010)
- Dau tien loai 8 bit nay tao thanh khoa 56 bit.
- 56 bit nay dugc dua vao hai thanh ghi djch (Cq
,Do
) dga vao bang PC-1
(Permuted Choice):
Bang 2.1: Permuted Choice 1 (PC-1).
57 49 41 33 25 17 9 1 58 50 42 34 26 18
10 2 59 51 43 35 27 19 11 3 60 52 44 36
63 55 47 39 31 23 15 7 62 54 46 38 30 22
14 6 61 53 45 37 29 21 13 5 28 20 12 4
=> Co = ( 1 0 1 1 1 1 0 0 1 1 0 1 0 0 0 1 1 0 1 0 0 1 0 0 0 1 0 1)
Do= (1 1 0 1 0 0 1 0 0 0 1 0 1 1 1 0 1 0 0 0 0 1 1 1 1 1 1 1)
- Sau do (Ci,D|) dugc tao ra bang each djeh chuyen 2 thanh ghi (Co,Do)
theo bang sau:
Vong: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
So bit djeh trii: 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1
Bang 2.2: Bang djeh.
=>C|=(0111 1001 1010 0011 0100 1000 1011)
D, = (ioio 0100 0101 1101 0000 n i l i i i i )
- Trong thanh ghi bay gib c6 56 bit. De lay ra 48 bit cho khoa thi ap dgng
vao bang Permuted Choice 2 (PC-2), qua bang ta c6 dugc 16 khba k,,
k2,..., k|6 thong qua cac bg thanh ghi (C|,D,), (C2,D2),..., (C,6,D,6).
40. 38 Quan trj va b^o m$t nrijing khdng day
Bang 2.3: Permuted Choice 2 (PC-2).
14 1711 24 1 5 3 28 15 6 21 10
23 1912 4 26 8 16 7 27 20 13 2
41 52 31 37 47 55 30 40 51 45 33 48
44 4939 56 34 53 46 42 50 36 29 32
=> ta COduac khoa 48 bit sau:
k |=(001001 111010 000101 101001
111001 011000 110111 011010)
- Ti6p theo ta tinh (C2,D2) bang each djeh thanh ghi (Ci,Di) 1 bit (dira vao
bang 2.2).
C2 = ( l l l l 0011 0100 0110 1001 0001 0110)
D2= (oioo 1000 1011 1010 0001 n i l i i i i )
=>k2 = (110110 101001 000111 011101
110101 111011 011101 001000)
Tuong t^i nhu vay ta tinh dupe cac khoa tiep theo.
Chu y: Trong vi$c chon gidi ihuat myt klioa thi ngudi ta phai chii y rSng c6
cac khoa ySu (weak key). Cac khoa yeu nay lam cho viec tao thanh 16 khoa bang
nhau: ki = k2= ... = k]6. Di6u nay lam giam siic manh cua giai thuat. Vi vai khoa
yeu K thi:
EkEk(X) = X
Cac khoa yeu duac thong ke nhu sau:
01 01 01 01 01 01 01 01
IF IF IF IF IF IF IF IF
EO EO EO EO EO EO EO EO
FE FE FE FE FE FE FE FE
D6ng thai con c6 mot bo cac khoa khac la semiweak key ma vai mpi
semiweak key Ka luon ton tai 1 semiweak key Kb sao cho:
EKaEKb(X) = X va EKbEKa(X) = X vai moi plainext X
41. Chu’O'ng 2: Mqt s6 thugt to^n m|t ma 39
2.5.1.2. Mahoa
Gia sir plaintext ban dSu X = (xi, X2,.-, X
64)
x = (ooii 0101 0111 0000 1110 0010 n i l oooi
1011 1010 0100 0110 1000 0010 1100 0111)
- Plaintext nay chia thanh 2 nhom 32 bit (Lq
,Ro) theo bang Initial
Permutation (IP).
Bang l.iI: Initial Permutation (IP).
Lo 58 50 42 34 26 18 10 2
60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6
64 56 48 40 32 24 16 8
Ro 57 49 41 33 25 17 9 1
59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5
63 55 47 39 31 23 15 7
Lo = (1010 1110 0001 1011 1010 0001 1000 1001)
A E 1 B A 1 8 9
Ro = (1 101 1100 0001 1111 0001 0000 n i l 0100)
D c 1 F 1 0 F 4
- Chuoi phia ben phai Ro bit dau vao trong vong I5p dau tien trong 16 vong
lap. Rodugrc ma rang tir 32 bit thanh 48 bit thong qua bang E-bit selection nhu sau:
Bang 2.5: E-bit selection.
32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1
=
>E(Ro) = (011011 111000 00001
100010 100001 011110 101001)
43. Chuong 2: Mqt s6 thugt to^n mat m§ 41
St
12 1 10 15 9 2 6 8 0 13 3 4 14 7 5 11
10 15 4 2 7 12 9 5 6 1 13 14 0 11 3 8
9 14 15 5 2 8 12 3 7 0 4 10 1 13 11 6
4 3 2 12 9 5 15 10 11 14 1 7 6 0 8 13
4 11 2 14 15 0 8 13 3 12 9 7 5 10 6 1
13 0 11 7 4 9 1 10 14 3 5 12 2 15 8 6
1 4 11 13 12 3 7 14 10 15 6 8 0 5 9 2
6 11 13 8 1 4 10 7 9 5 0 15 14 2 3 12
13 2 8 4 6 15 11 1 10 9 3 14 5 0 12 7
1 15 13 8 10 3 7 4 12 5 6 11 0 14 9 2
7 11 4 1 9 12 14 2 0 6 10 13 15 3 5 8
2 1 14 7 4 10 8 13 15 12 9 0 3 5 6 11
- Can cir vao do cur moi 6 bit, ta xem trong bang S-box tai viing tuorng ung,
tire la viing c6 so thu tr la so thu tir cua nhom 6 bit nay va phan 1 tuong umg voi
so thur tu cot, phan 2 tuomg umg vai so thu tu dong. Ta c6 duoc s6 thap phan tir 1
den 16 tuomg ung 4 bit nhi phan.
Vi du: S,[00J[1001] = S,[0][9] = 10 = 1010
Do do qua bang S-Box ta duac chu6i 32 bit sau:
B, =(1010 0001 1110 1100 1001 0110 0001 1100)
- Qua bang Permutation Funtion (P) ta hoan vj chu6i B|:
Bang 2.6: Permutation Funtion.
16 7 20 21
29 12 28 17
1 15 23 26
5 18 31 10
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25
44. 42 Qudin tr| wA b^o m$t mgng kh6ng dSy
=>P(B,) = (1000 0101 1011 1010 n i l 0010 l l i o OlOl)
8 5 B A F 2 E 5
- Cuoi cimg ta c6 chuoi Ri qua phep bien doi sau cimg la:
R, = P(B,) + Lo
con chuoi L, duoc thay chinh la Ro: Lj = Ro, va giai thuat tiep tuc 15 vong
con lai vai each lam tuomg tr. Ta ducrc Ri6,Li6.
- Ta tiep tuc lam khau cuoi cung ket hop R|6,Li6 theo thu tu do tao thmh
chuoi 64 bit, roi cho qua bang Inverse of IP.
Bang 2.7: Inverse of IP.
40 8 48 16 56 24 64 32
39 7 47 15 55 23 63 31
38 6 46 14 54 22 62 30
37 5 45 13 53 21 61 29
36 4 44 12 52 20 60 28
35 3 43 11 51 19 59 27
34 2 42 10 50 18 58 26
33 141 9 49 17 57 25
Nhu v§y ta dugtc Ciphertext Y 64 bit.
2.5.1.3. Gidi ma
Sir dung giai thuat tuong tir nhu ma hoa chi c6 dieu la lam theo thu tyr
nguqc lai cua khoa. Co nghia diuig khoa giai ma theo thii tyr Kje, Kis,..., K2, K].
2.5.2. Phan ti'ch thiet ke S-box
2.5.2.1. Cdc bude phdn tick vd xdy dung S-box
Nhu ta da biet, S-box la mot bang chon. S-box chuyen 6 bit input thanh 4
bit output. Bing edeh lya chpn S-box mot each can than ta c6 the ting dang ke
kha nSng bao mat.
Moi bit a dau ra chiu sp tac dong ctia 6 bit dau vao, va moi bit dau vao c6
cac gia tri la 0 hoSc 1 nen neu ta thiet ke mach logic cho S-box thi c6 den 2^ = 64
kha nSng xay ra.
Ta CObang su that cho Spbox nhu sau:
46. 44 Qujn trj va bdio m|t mgng kh6ng day
X
6 X
s X
4 X
3 X
2 X| y4 ys y2 yi
1 0 1 0 0 0 1 1 1 1
1 0 1 0 0 1 1 1 0 0
1 0 1 0 1 0 1 0 0 1
1 0 1 0 1 1 0 1 1 1
1 0 1 1 0 0 0 0 1 1
1 0 1 1 0 1 1 0 1 0
1 0 1 1 1 0 0 1 0 1
1 0 1 1 1 1 0 0 0 0
1 1 0 0 0 0 1 1 1 1
1 1 0 0 0 1 1 1 0 0
1 1 0 0 1 0 1 0 0 0
1 I 0 0 1 1 0 0 1 0
1 1 0 1 0 0 0 1 0 0
1 1 0 1 0 1 1 0 0 1
1 1 0 1 1 0 0 0 0 1
1 1 0 1 1 1 0 1 1 1
1 1 1 0 0 0 0 1 0 1
1 1 1 0 0 1 1 0 1 1
1 1 1 0 I 0 0 0 1 1
1 1 1 0 1 1 1 1 1 0
1 1 1 1 0 0 1 0 1 0
1 1 1 1 0 1 0 0 0 0
1 1 1 1 1 0 0 1 1 0
1 1 1 1 1 1 1 1 0 1
tir do ta c6:
(de dom gian ta ky hifu x’ c6 nghTa la x)
y i = X ’6X’5X’4X’3X2X’i + X ’6X’5X’4X’3X2X] + x ’6X’5X’4X3X’2Xi + X’6X’5X’4X3X2X’,
+ x’5X’5X4X’3X’2X’i + x’6X’sX
4X3X’2X’| + x’6X’5X
4X
3X
’2X
] + X’6X’5X
4X
3X
2X
|
+ x’6XsX’4X’3X’2Xi + x’6XsX’4X’3X
2X
’) + x’6X5X’4X
3X
2X
’i + x’6X
5X
’4X
3X
2X
i +
X’6X
5X
4X
’3X
2X
] + x’5X
5X
4X
3X
’2X’i + X’6X
5X
4X
3X
’2X
] + X’6X
5X
4X
3X
2X
’l +
X6X’5X’4X’3X’2X
] + X6X
’sX’4X
3X
’2X
’i + X«x’5X’4X
3X
2X
i + X
6X
’5X
4X
’3X
’2X’i +
X6X’5X4X’3X2X’i + X<jX’5X4X’3X2X| + X6X’5X4X3X’2X’ i + X6X’5X4X3X2X’ ] +
X6X5X’4X’3X’2X’i + XfiX5X’4X3X’2Xi + X6X5X’4X3X2X’ i + X6X5X’4X3X2Xi +
X6X5X4X’3X’2X’i + X«X5X4X’3X’2Xi + X^X5X4X’3X2X’ i + X6 X5 X4 X3 X2 X 1
ta nhan thay moi yi se c6 32 hang tii, do do can phai dcm gian hoa y; de
gitip giam dp phuc tap khi thiet ke. Ta thuc hien dieu nay bang gian do
Karnaugh nhu sau:
47. Chifang 2: MQt s6 thugt to^n mat ma 45
XeXjX^ 000 001 O il 010 110 111 101 100
000
001
o n
010
n o
111
101
100
tu gian do tren ta nit gpn duac y, nhu sau:
yi = X’6X’5X’4X’3X
2 + X’6X’5X4X2X’| + X’6X’5X3X’2X
i + x’6X’5X4X’2X’i +
X’6X’5X4X3Xi + X’6X5X4X’3X
2X
1 + x’6X
5X
3X
2X
’i + X’6X5X
4X
3X
’2 +
X’6XsX’4X’3X’2X| + X’6X’5X4X’2X, + x’6XsX’4X
3X
2 + X6X
5X
’3X’2X’, +
X6XsX’4X
3X
2 + X6X5X’4X
3X
] + X
6X5X4X’3X’2+ X6X
4X
’3X2X’] + X
6X
5X
3X
2X
1 +
X6X’sX4X’2X’| + X6X’sX4X’3X
2 + X6X’5X
4X
2X
’i + X6X’5X’4X’3X’2X
i +
X6X’5X’4X3X2X) + X6X’5X3X’2X’,
tuoTig tir nhu vay ta nit gpn cho cac tnicmg hop con lai. Tir do ta c6 the thiet
ke mach dcm gian hom nhieu.
2.5.2.2. Cdc tieu chudn cua S-box
Sau day la mot so tieu chuan ciia S-box:
NSA (National Security Agency) da dua ra tieu chuan cho S-box nhu sau:
1. Moi hang cua S-box la hoan vi ctia cac so nguyen tir 1den 15,
2. Khong c6 S-box nao c6 phu thupc ham vai dau vao cua no.
49. ChLfpng 2: Mpt s6 thugt todin m$t m§ 47
thuoc vao khoa ma con phu thuoc vao dir lieu dau vao. 6 day noi mpt each nom
na ta c6 the xem nhu dii lieu cung la khoa ciia chinh no. Vi vay sp lien quan ciia
output Ri vai plaintext Ro chi c6 the khao sat mpt each tuomg d6i.
Su php thupc cua output thu i (Li,R|) vao khoa (C„Di) c6 thS dupe uac
lupng bang each dung ma tran Nj c6 kich thuac 64x56, va dupe chia lam hai ma
tran con 32 hang va 56 cot nhu sau:
Ni =
N,‘
voi 1< i < 16
2.5.3.1. Khdo sat sirphu thupc Idn nhau cua dir li?u
Vi du lieu dau vao ta chi xir ly 32 bit ben phai nen sp php thupc ciia du lipu
vao B| chinh la su phu thupc cua B, vao Ro nhu hlnh sau:
B,
15 30
15
30
I
-4 ♦4-
k4 44 -
Hinh 2.3: Sirphu thuoc cua B, vdo Rq
.
51. Chifgng 2: Mpl so thuat to^n m|lt m§ 49
Ro
5 10 15 20 25 30
Htnh 2.5: Suphu thuQC cuaLj vao Rq
.
Khao sat bang each nay sau 5 Ian ta se thay duoc sir phy thuoc hoan toan
ciia dCr lieu vao khoa (hinh 2.7).
2.5.3.2. Khdo sat suphu thuoc cua dit lieu veto khoa
O tren ta da trinh bay sir phu thuoc Ian nhau giiia cac ky tit cua chi’nh
plaintext hay con gpi la self-keying.
Diing each phan tich nhu tren trong phan nay ta se khao sat sir phu thuoc
ciia du lieu dau ra vao khoa.
Tntdc tien ta sS tim mot ham lien he nao do giira dau vao va khoa. Nhic lai:
khoi (C|,D|) nhan duoc tir khoa ban dSu thong qua (Co
.Dq
) bSng bang PC2 chi c6
56 bit la do: sau khi tach bo parity bit Kg, K,6, K24, K32, K40, K48, K56, 64 bit
khoa chi con lai 56 bit duac ghi vao hai thanh ghi 28 bit.
53. Chuang 2: Mgt s6 thugt to^n mgt ma 51
10
15
70
75
30
10
R
)
15 20 25 30
^
•fC
iftnttp ^
•t'
^
it(
•((•fc
tfC
ifl ♦
it(i
1
<
ifcn
t ifc
"
f
*
■
tC
4
(d
(>
K it(
>
f
(
■
f ^ >
tfitftftf•
1
(
if(
*Itftti< <
f
s
<
t<
■
«
(p
tc
<
4
(>
f( itc
4
(
•
»
*
*
f
<
■
*
«
•
(
<
ffin/i 2.7: Sirphu thuoc hoan loan cua dir li^u.
Do do bit thii nhit va thii sau cua K, tac dong len b6n bit d diu ra S-box, cu
the chiing quyet djnh so hang. Sir phu thuoc nay ta b ik diln bang diu (-). B6n
bit con lai cung tac dong len dau ra vi chiing quyet djnh so cot. Ta bieu dien sir
phu thuoc nay bang dau (+). Neu mot bit ciia khoa dong thdi tac dong dSn sir lira
chon hang va sir lira chon cot thi ta bieu dien bang dau (*) (tnrdng hop nay chi c6
thS xay ra cho nhirng vong lap thir hai trd di cua he thdng DBS).
54. 52 QuSn trj bio m$t mgng kh6ng dSy
Ta C
OthS bifiu diln sy phi thugc nay qua hinh ve sau:
10 20 30 40 48
25
- ++++ ■
-++++ ■
-++++
- + + + +
• + + + + •
- + + + + •
- + + + +
- + + + +
- + + + +
- + + + +
- + + + + •
- + + + + •
-++++ •
-++++ •
- + + + + •
- + + + + •
- + + + + •
- + + + + •
- +
- +
+++
+++
+++
+++
- + + + + •
- + + + + •
- + + + + ■
- + + + +
- + + + +
• + + + +
-++++
Hinh 2.8: Suphu thuQCcua B/ veto K/.
Vi B] tiep tpc duqc hoan vj nen ta bieu dien syt phq thupc cua R| sau khi
hoan vi Bi nhu hinh 2.9.
Tu bang PC2 ta se suy ra dupe sp phu thupc cua Ri vao (Ci,Di) nhu hinh 2.10.
Tuemg tu nhu d tren, sau khi thpc hipn den buac thii nim cua thuat toan
DES ta c6 dupe bang php thupc nhu hinh 2.11.
55. Chygng 2: M$t s6 thugt toan mgt mg 53
15
Ri
20
25
30
10 20 30 40 48
-++++ -
-++++ -
Hinh 2.9: Suphu thuoc cua R/ vao K/
2.5.4. Cac hf thong DES trong thrc te
He thong DES duoc mo ta mot each rat phiic tap nhumg trong thirc te viec
trien khai DES rat dem gian, ca a phan ciing Ian phan mem. Chi c6 mpt phep toan
duy nhat phai tinh toan la phep EX-OR. Cac phep tinh E, S-box, phep hoan vj IP
va P, va tinh K], K2,..., Ki^ c6 the duac tinh toan trong mot thai gian duac xac
djnh truoc bSng each dung table look-up (a phan mem) hay thirc thi d phan ciing
bang each ghi chiing len cac mach in.
56. 54 Qu^n trj va b^o m^t mgng kh6ng day
10 •20 30 40 50 56
20
+ +
+ + - +
+ + - + - +
+ - + + ■ +
+
+ + - +
+ + - +
+ +
+ + +
+ +•
♦
+ + + +
+ + + +
+ + - -
Hinh 2.10: Su phu ihuoc cua Ri vao (Ci,Di).
Cac he thong ngay nay c6 the tinh toan ma hoa DES voi toe do rat cao va
rat pho bien. Ngay tu nSm 1991, da c6 den 45 h? thong duoc cong nhan boi
National Bureau of Standards.
Mot trong nhung ung dung rat quan trong ciia DES la dung trong ngan
hang, su dung tieu chuan duqc dua ra bai American Bankers Association. DES
dupe sir dung de ma hoa ede ma nhan dien khach hang (PIN) va cac giao djeh
thuc hien bai cac may nit tien tu dong (ATM). DES con duac sir dung bdi
Clearing House Interbank Payments System (CHIPS) de xac thirc cac giao dich.
DES con duac sit dung rpng rai trong cac llnh vuc khac nhu: cac he thong
quan ly hanh chinh, cac kho bac (cu the la trong Cue du tru lien bang My)...
57. Chifang 2: Mpt so thugt toan mat ma 55
10 20 30 50 55
10
15
20
25
30
■y««r iHHiH|tim >|c.lMc<
|>
|i wir UMir Mir |i|' Hr H|i|n|t|ii)i|hniini|>|n|>|
fciH
<
4
H
<
W
W
H
C
W
<
W
W
<
W
H
<
W
W
W
«
W
H
«
W
H
‘W
t<
.W
W
W
<
4
*
W
W
«
W
fH
<
'W
H
<
-W
f<
<t*fii>'itfi>*|i' ii»r ii*i>iiii*ici|>|ii|>|cit>i>|(i|>niim iti'nfiH * >
rii*r t«r ii«i»r i|» r ii*iciin iii*i>|ti|>iiii*iiii>in |t|* iKt*i^
«
t<>«r >«r iM
fin«if innmi nr miif mi in mi miiihhi mi |i(i|i mi mi mi iiiiinm,i|i|iinninnn.nii^
» Mir l«r M|f IM»|f |l|r |l|l |l|f |||>|I |i|i |i| |i|i H|l|l |l|l |i|i H|l|i |i|i |i|i |il|ii|l|t|hHi,i|>iiinniH|HmMi»
....................... .......... |||| M
il |I|I||I|I|( |I|I |||(||||(|||||| |||| |i|ii|i|ii|i|k|u|i|L«
r nrnnt mr u m im i |i|i iiiiih m ih iiii mii iiii himi iiii ih iu h ii iiii nii mi i>|i|i n r mi mi nii|i |i|i |i
•¥ wit HI' Hlf n il If llir |l|l .............. |l|l HH l»|i-»
K m »if i«ir ii|f IIif ii|iirimci|i|ii|inim tnim i.t(
Itw
i*
r ii|r|i|fiH
f|im
iim
iiniiinni|>
nii.|>
n»
iM iii>iiii>Mii>i<n>i>ijm fiiifrn>|finnirim rinii )fl|ii|>|i|ii|i|i iiiiinniii|ii|ii|i|iiniiiim>|iinninninnnnini|>n
t*y w r l»|r |l|f H|f |I|I|1 M|f I»|I II|I I»|I|I |l|l |I|I |I|I|I IHI Mil Ml' l»l>|l H|ii|i|iiH|ii|>H|li|Hi«<<
■» m i Hit M|f l*|i|H|>|C
iH|iiH|ii|>|tM m ^i iTii*iti|«|tm mMtrnii»
i|i|cinitinnn.nic»
Hinh 2.11: Suphu thuSc hoan loan vao khoa.
Co bon mo hinh boat dong ctia DES duac dua ra la: electronic codebook
mode (ECB), cipher feedback mode (CEB), cipher block chaining mode (CBC)
va output feedback mode (OFB).
- Mo hinh ECB tuomg tu nhu nhirng mo hinh ma hoa theo timg kh6i, vai 64
bit plaintext x,, X2..., m6i X
j se duoc ma hoa vai cung mpt khoa K d6 tao ra
ciphertext block yi, y2...
58. 56 Qu^n trj vd bjio mgt mgng khOng dSy
- Vai mo hinh CBC, m6i kh6i ciphertext yj dugc EX-OR vai khoi plaintext
tiSp theo tnrac khi ma hoa vai khoa K. Cu thS, ta bat dSu vai 64 bit vector khai
tao IV, va gan yo = IV. Sau do ta xay dung yi, y2,... tu luat sau; yj = eK(yi-i ® Xj),
1 < i. Mo hinh CBC dugc mo ta nhu hinh v5 sau:
• • •
- • • •
Hinh 2.12: M6 hinh CBC.
60. 58 Qu^n trj b^o m$t mgng kh6ng day
2.6. He thong RSA
2.6.1. Can true hf thong RSA
He thong nay dugfc tinh toan tren tap Z„, vai n nhan duac bang each nhan
hai so nguyen to p va q. Ta c6 ham Euler (t)(n) = (p - l)(q - 1).
Thuat toan duqc mo ta nhu sau:
- Ti'nh n = p.q , voi p, q la hai so nguyen to. Dinh nghia tap K nhu sau:
K = {(n, p, q, a, b): n = p.q, vai p, q la so nguyen to, ab = 1 (mod (|)(n))}
- K = (n, p, q, a, b) djnh nghla:
Ek(x) = x*”mod n
DsCy) = y“mod n
X, y e (Zn); n va b duqc pho bien rqng rai; con p, q, a thi duqc giu bi mat.
Vi ab = 1 (mod <t)(n)) nen ta c6:
ab = t.0(n) + 1
vai mot so nguyen t nao do 1< t. Vai x e Z„* ta c6:
a-jb_ t.iK
n)+1
(x T ^ x ’ (mod n)
= (x'''"')'.x (mod n)
= I'.x (mod n)
= X(mod n)
nhu vay ta da khoi phuc duqc plaintext ban dau.
Vi du: Gia sii Bob chon p = 101 va q = 113. Khi do n = 11413 va 0(n) = 100
X 112 = 11200. Vi 11200 = 2^.5^.7, mot so nguyen b duqc chon lam khoa cong
cqng khi va chi khi b khong chia het cho 2, 5, 7. Gia sir Bob chqn b = 3533. Khi
do theo thuat toan Euclide ta c6:
b ' = 6597 mod 11200
tu do, khoa bi mat cua Bob la a = 6597.
Bob pho bien n = 11413 va b = 3533 rqng rai. Bay gia gia sir Alice muon
giri cho Bob plaintext 9726. Co ta s6 tinh:
9726” ” mod 11413 = 5761
61. Chifpng 2: Mgt so thuat to^n mgt ma 59
va gui ciphertext 5761 di. Khi Bob nhan duac ciphertext 5761. Anh ta se
dung kh6a bi mat ciia minh de tinh:
5761^’’’ mod 11413 = 9726
Ta nhan thay tlnh bao mat cua RSA goi gon a n = p.q. Do do nSu ai do phan
tich duac cac thira so cua n thi he thong se bi pha va.
2.6.2. Phan dch dac diem cua hf thdng RSA
RSA C
Orat nhieu diem can dugc phan tlch, bao g6m viec cai dat he th6ng
nhu the nao, kha nSng thuc thi cua thuat toan va kha nang bao mat.
De cai dat h? thong, Bob se lam theo cac buac sau:
1. Bob tao ra hai so nguyen to cue Ian la p va q
2. Bob tinh n = p.q va 0(n) = (p - l)(q - 1)
3. Bob chon ngau nhien b (1 < b < 0(n)) sao cho mod (b, (t)(n)) = 1
4. Bob phan phoi rong rai n va b nhu la khoa cong egng.
Mot each tan cong he thong RSA la phan tlch cac thira so nguyen to ciia n.
Mot khi lam dugc dieu nay, ta se c6 the tinh dugc 0(n) = (p - l)(q -1) va tir d6 ta
se de dang suy ra dugc khoa bl mat a, de c6 the glal ma cac ciphertext.
Vi the neu muon xay dung mgt he thong RSA that sg an toan ta c4n thiSt
phai chon p, q that Idn dS n ign ddn muc khdng the phan tich dugc. Cu the ta phai
chgn cac so nguyen to p va q mol so c6 khoang 100 chil s6, khi do n it nh4t cung
dugc 200 chu so.
Tuy nhien, neu n qua Ian thi lai nay sinh vSn dS vi khi ky cac phep toan
thuc hien trong tap Z„ se rat mdt thai gian. Do d6, n phai dugc chgn sao cho vua
dam bao kha nang bao mat vua phai c6 toe do tinh toan trong khoang thai gian
chap nhan dugc.
Gia su n C
Ok bit, nghTa la k = log2n + 1, ta nhan thay phep cgng thuc hien
tren hai so nguyen c6 k bit nhu the nay se can mgt khoang thai gian la 0(k), va
phep nhan se phai t6n mgt khoang thai gian la O(k^). Viec tinh modulo n ctia s6
nguyen 2k bit trong tap Z„ cung t6n mgt khoang thai gian la O(k^). Bay gia gia
sir rang x, y £ Z„. Khi do x.y mod n c6 the tinh qua hai buac sau: tinh tich x.y, va
sau do tinh modulo n. Moi buac nay se phai ton mgt khoang thai gian la O(k^).
Bay gia ta tiep tuc khao sat voi phep mu. NghTa la khao sat viec tinh x' mod n.
Ta nhan thay neu c ege Ian thi thai gian thgc hien phep toan nay se rat Ian va
62. 60 Qu^n trj va b^o m$t mgng khdng day
viec tinh x'^ mod n c6 thS dirge thuc hien vai thdi gian tuong duong viec thuc
hien c -1, chu y ring c c6 the 1cmbang <t)(n) - 1.
Ta COphuomg phap sau de lam giam thdi gian tinh toan xuong con khoang
2,1 voi 1la so bit bieu dien c. Vi 1< k nen mod n c6 the dugc thuc hign trong
khoang thdi gian O(k^). Nhu the, viec ma hoa va giai ma trong he thong RSA dugc
thuc hign trong mgt khoang thdi gian dugc bieu dien bang mot ham so theo k.
Ta C
Othe bieu dien khoa cong cgng b nhu sau:
b = I bi. 2‘
vdi bi = 0 hoac 1, 0 < i < 1- 1. Thuat toan ti'nh z = x*
" mod n dugc mo ta
nhu sau:
1. z= 1
2. for i = 1- 1 downto 0 do
3. z = z^ mod n
4. if bi = 1 then z = z.x mod n
F) du: a trong vl du tren Alice tinh 9726^
thugt toan tren nhu sau:
i bi z
mod 11413 bang each sir dvmg
11 1 1^x9726 = 9726
10 1 9726^ X9726 = 2659
9 0 2659^ = 5634
8 1 5634^x9726 = 9167
7 1 9167^x9726 = 4958
6 1 4958^ X9726 = 7783
5 0 7783^ = 6298
4 0 6298^ = 4692
3 1 4692^x9726= 10185
2 1 10185^x9726= 105
1 0 105^= 11025
0 1 11025^x9726 = 5761
Qua cac img dung thgc te ngudi ta thay RSA cham hon DES khoang 1500 Ian.
63. 2.7. He thong mat ma Merkle Heilman Knapsack
Gia sir ta c6 khoa: K = (k|, k2,....., k„) vai k| la so nguyen, 1 < i < n va n-bit
plaintext la X (xj, 2,..... , x„) voi xi thuoc GF(2) 1 < i < n.
He thong mat ma Knapsaek ma hoa n-bit plaintext thanh m-bit ciphertext,
n < m, theo ham so sau:
Y = K.X = kiX| + k2X2 +.....+ k„Xn
Viec tinh Y rat de dang nhimg phuc hoi lai X tir Y la v6 cimg kho khSn khi
n 1dmva k duoc chon ngau nhien.
Khoa K dugc chon sao cho moi phan tir cua K 1dmhorn tong cua cac phan tir
tnrdfc no. Knapsack tucmg img:
kj > k| + k2 +.......+ k|_i
Vi =kiX|
y2 = k|Xi + k2X2
y„ = kixi + k 2X2+.......+ k„x„
y„ bieu dien ciphertext Y, nghia la Y = y„. Bay gib plaintext X c6 thd dugc
phuc hoi tir yi (voi 1< i < n) va khda k bang each sau:
' Ncu y„ -- k„, thi gdn x„ - 0 va y„., - y„
+ Neu y„ > k„, thi gan x„ = 1 va y„.i = y„ - k„
Bang each tinh gia trj cua y„_i, chiing ta c6 the tinh duge x„.i va y„_2 mot
each hoan toan tuomg tu.
Tien trinh phuc hoi tiep tuc cho den khi ta thu duge:
X = (X],X2,.......,x„)
Mo ta van de Knapsack qua vi du sau:
Vi du r. Cho plaintext X = (11001) vakhoa K = (151, 187, 426, 1091, 2412),
ta C
Ociphertext Y la:
Y = k.x= 151 + 187 + 2412 = 2750
Vi Y = y5 = 2750 la ciphertext, su phuc hoi cua X
5 tir ks va yi la 1 vi ys =
2750 > kj = 2412. Tuomg tu ta c6:
y4 = ys - ks= 338 < Icj = 1091 => X
4= 0
ys = y4 = 338 < ks = 426 => X
3= 0
Chu’O
’ng 2: Mqt so thugt toan mgt ma_________________________________________________ ^
64. 62 Quan trj bao mgt mgng kh6ng day
y2 = ys = 338 > k2 = 187 => X
2= 1
y, =y2 -k2= 151 = k, => x, = 1
Nhu vay ta da phuc hoi lai duac plaintext ban dau la: X = (11001). Tuy
nhien, vecta Knapsack k nay qua don gian khong the sir dung duqc vi mpt ai do
C
Othe de dang phuc hoi X tir Y tao ra mot khoa cong cong kha dom gian nhung
chon ngau nhien cac vecta Knapsack c6 the kha phuc tap.
De cai tien ta lam nhu sau:
- Ta chon ra hai so nguyen du Ian m va n sao cho m > w va m, w nguyen to
cung nhau (gcd (m,w) = 1), han nua m phai Ian hem Ski vai 1 < i < n, k| la mot
phan tu cua tap hap cac vecta Knapsack.
Phuc hoi plaintext X tir ciphertext Y doi khi phai chuyen Y thanh Y’ qua
V(la nghich dao cua w modulo m):
Y’ = VY (mod m) (1)
Vdi V= w"' duac tinh tir m va w nhu sau:
w.v = 1 (mod m)
hay w.w'' = 1 (mod m)
(1) => Y = w Y’ (mod m) (2)
- Vecta Knapsack kp = w kp, duac tao ra bdi nguai sir dung nhu la khoa cua
ho, va tham so v = w'', m dupe giu bi mat nhu la khoa bi mat, kp duac tao ra tir
timg phan tir cua Knapsack k’p= (k’l, k’2,..., k’„) bdi w modulo m nhu sau:
ki = w k’l (mod m), 1< i < m (3)
Do do tir (2) ta c6:
Y’ = w'' Y (mod m)
= w ‘S ki X
i (mod m), 1< i < n
=> Y’ = w ‘ S w k’i X
i (mod m) = (w w'') S k’l X
| (mod m)
= S k’i X
i (mod m) = k’px
Ngoai ra ta c6: Y = kp x = S k| X| nhu sau:
Y = S [w k’i (mod m)] X
j
= S w w"' k| X
i (mod m)
=> Y = S k| X| (mod m) = kp x
65. Chifgng 2: Mpt so thugt to^n mat ma 63
Ta xet V
I du sau:
Vi du 2: Cho mot vector Knapsack don gian k’pnhir sau:
k’p= (151, 187,426, 1091,2412)
Ta c6:
X k ’i= 151 + 187 + 426+ 1091 + 2412 = 4267
Chon hai so nguyen bi mat la m = 4617 va w = 1175, ta nhan thdy gcd
(w,m) = 1 bang each su dung thuat toan Euclidean:
4617 = (1175) x3 + 1092
1175 = (1092)xl + 83
1092 = (83)xl3 + 13
83 = (13) x6 + 5
5 = (3)xl 2
3 = (2)xl + 1
2 = (2)xl
Theo thuat toan Euclidean la thiy gcd (1175, 4617) = 1. Suy ra w = 1175
va m = 4617 nguyen to ciing nhau.
Tu (3) ta c6:
kj = 1175 k’j (mod 4617)
k, = (151) (1175) - (38) (4617) = 1979
k, = (187) (1175) - (47) (4617) = 2726
kj = (426) (1175) - (1088) (4617) = 1914
k4 = (1091) (1175)- (277) (4617) = 3016
ks = (2412) (1175) - (613) (4617) = 3879
Vay ta tinh dugc kp:
kp = (1979, 2726, 1914, 3016, 3879)
Vi du 3: Tinh v = w’’
Vai m6i cap so nguyen w va m ton tai hai s6 nguyen v va u sao cho gcd
(w,m) = vw + um. Vi gcd (1175,4617) = 1
nen ta c6: 1 = 1175v + 4617u
Suy ra: 1= 1175v (mod 4617)
66. 64 Qujn trj va b^o mgt mgng khong day
Theo thuat loan tren ta c6:
1= 3 -(2 )x l
1 = (3) x2 - 5
1=(13) x 2-(5) x5
1 =(13) x32-(83) x5
1 =(1092) x32-(83) x421
1 =(1092)x453-(1175)x421
1 =(4617) x453-(1175)xl780
Tir phuomg trinh cuoi ciing ta nhan thay: 1 = - (1175) (1780) (mod 4617).
Vay V= -1780 (mod 4617) = 2837 la nghich dao ciia w = 1175 modulo m (= 4617).
Ta xet vi di sau:
Vi du 4: Cho plaintext X = (11001). Vector Trapdoor Knapsack:
kp= (1979,2726, 1914, 3016, 3879) nhu ket qua ciia vi du tren va v = 2837 voi
k’p= (151,187,426, 1019,2412) va hai so nguyen bi mat w = 1175 vam = 4617.
Ciphertext la: Y = kp X = 1979 + 2726 + 3879 = 8584 va ciphertext dupe
chuyen doi: Y’ kp = v Y mod m = (2837) (8584) (mod 4617) = 24.352.808 (mod
4617) = 2750.
Plaintext X duoc phpc hoi nhu sau:
i y’i k’i X
i
5 2750 >2412 1
4 338 < 1091 0
3 338 <426 0
2 338 > 187 1
1 151 = 151 1
va gia tri cua X = (11001).
Vi du nay la mot mo hinh thu nho cua ky thuat Knapsack. Ta nhan thay n6
thtuih cong trong vi$c phic hoi plaintext X, se rat kho phuc hoi lai plaintext X
neu khong c6 v va w dSc bi$t la khi n Ion. Noi chung muc do bao mat cua h?
thong phu thupc vao vi?c chon v, w va k’p.
67. Chifcyng 2: Mgt s6 thugt to^n m§t ma 65
Vi du 5: Chon w va m sao cho gcd (w,m) = 1; chon w = 2550, m = 8443 va
k’p= (171, 196, 457, 1191,2410), van de Knapsack dugc khai trien nhu sau;
8443 = (2550) x3 + 793
2550 = (793) x3 + 171
793 = (171) x3 + 109
171 = (109) xl + 62
109 = (62) xl + 47
62 = (47) xl + 15
47 = (15) x3 + 2
15 = (2) x7 + 2
2 = (l)x2
Vay gcd (2550, 8443) = 1(nguyen to ciing nhau).
k| = 2550 k’l mod m (8443), 1< i < 5, ta c6:
k, = (2550) xl71 - (8443) x51 = 5457
ka = (2550) xl96 - (8443) x56 = 1663
kj = (2550) x457 - (8443) xl38 = 216
k4 - (2550) xl 191 - (8443) x359 = 0013
k, = (2550) x2410 - (8443) x727 = 7439
Vay ta dugc kp = (5457, 1663, 216, 6013, 7439), vl m = 8443 va Sk’j = 171
+ 196 + 457 + 1191 + 2410 = 4425 nen dieu kign m > Xk’i thoa man.
Ta tinh v = w ' theo thuat toan Euclidean:
1 = 15-(2) x7
1=(15) x22-(47) x7
1 = (62) x22 - (47) x29
1 =(62) x51 -(109) x29
1 =(171)x51 -(109) x80
1 =(171)x371 -(793) x80
1 =(2550) x371 -(793)xll93
1=(2550) x3 9 5 0 -(8443) xl 193
69. Chucyng 2: Mgt so thugt toan mgt ma 67
Hinh 2.14: Xdc dinh diem R = P 0Q .
Hlnh 2.15a: Hai diem doi xirng qua true hodnh.
70. 68 Quin tri v i bio m jt mgng khdng diy
Hinh 2.15b: Xdc dfnh diem R = P & P.
Ta tim tpa dp cua R nhu sau:
Ta C
Ophuong trinh duomg thing g di qua hai diem P va Q la;
y = s.x + yo
71. Chu'cyng 2: M$t s6 thugt loan mgt ma 69
vori s = (yg - yp)/(xQ - Xp)
yo = yp - s.xp
thay ket qua tren vao phucmg trinh ellip ta duac:
(s.x - yo)^ = x^ + a.x + b
giai phuang trinh nay ta dupe:
Xr = —Xp - Xq
yp = - (s.Xr + yo)
Trong truomg hop P va Q trung nhau thi hp so goc cua tiep tuyen tai P la:
s = (3.xp + a)/2yp
Hinh 2.17: Xdc dfnh toa dq giao diem khi P = Q.
Liic nay, tpa dp cua R dupe xac dinh nhu sau:
Xr = - 2xp
yp = - (s.Xr + yo)
Khi do, voi mot s6 nguyen t6 p va mpt ellip, ta chon mot diSm P thoa man
phuong trinh cua ellip, sau do cpng don P len k Ian, P dupe cong bo rpng r3i nhu
mpt khoa cong cpng, con k thi dupe giu nhu mpt khoa bi mat.
Q = k.P
Kha nang bao mat cua he thdng nSm a ch6 rSt kho xac djnh dupe k mSc dii
da biet P va Q.
72. 70 Qu^n trj va bio m§t mgng kh6ng day
2.8.2. Kh^ n^ng bio mat cua thuat toin
Ta biet ring ECC dugc xay dimg dua tren van de logarithm roi rac, tuy nhien
kha nang bao mat cua ECC dugc nang cao hon nhg vao sg phuc tap cua quy tic
cgng hai diem thugc ellip, day chinh la die diem noi bat cua hg thong nay.
Dac diem noi trgi nira ciia ECC la: mic dii kha nSng bao mat tot nhung
chiiu dai khoa rit ngin, day chinh la uu diem noi trgi so vdi cac h? thong mat ma
bat doi xemg khac ma dien hinh la he thong RSA.
Do nhilng uu diem nay ma ngay nay ECC c6 nhung ling dung rat Ion trong
cong nghe bao mat cua truyen thong khong day. Voi kha nSng xii ly va dung
lugng bg nho con nhieu han che, cac thiet bj khong day can mot thuat toan khong
doi hoi tinh toan qua phuc tap va chieu dai khoa khong qua Idm, va ECC chinh la
giai phap cho cac thiet bi nay.
2.9. MD4, MD5
Trude tien ta sS mo ta MD4 sau do ta siia lai mot so thugc tinh de c6 MD5.
Cho mot chuoi bit x, ta tao ra mang sau:
M = M[0]M[1] ... M[N-1]
Vdi M[i] la chuoi bit cd chieu dai 32 va N = 0 mod 16. Ta ggi moi M[i] la
mOt tC
t. M phii chia hit cho 512, klii dd N s6 chia het cho 16.
Bay gid ta xay dgng 128 bit message digest. Message sg dugc chia ra lam 4
tir: A, B, C, D. Ta cd thugt toan nhu sau:
1. A = 67452301 (hex)
B = efcdab89
C = 98badcfe
D = 10324576
2. for i = 0 to N/16 - 1 do
3. for j = 0 to 15 do
X0] = M[16i+j]
4. AA = A
BB = B
CC = C
DD = D
